4

I am very new to PDO.

I tried making a login page for my website, and the code is shown below:

<?php
if (isset($_POST['username']) && isset($_POST['password'])) {
    session_start();
    $db = new PDO('mysql:host=localhost;dbname=hydra', 'root', '');

    $username = $_POST['username'];
    $password = $_POST['password'];

    // query() runs the SQL immediately and returns false on failure, so the
    // bindValue() call below is the one that raises the reported error.
    $query = $db->query("SELECT * FROM login where username=:username AND password=:password");
    $query->bindValue(":username", $username, PDO::PARAM_STR);
    $query->bindValue(":password", $password, PDO::PARAM_STR);
    $query->execute();

    // No matching row means the login failed.
    if ($query->rowCount() === 0) {
        echo "No Records Found!";
        header('Location: login.php');
    } else {
        $_SESSION['username'] = $_POST['username'];
        header("Location: home.php");
    }
}
?>

After trying to log in, I got the following error: Call to a member function bindValue() on a non-object

What's wrong with my code?

Adrian Cid Almaguer
user2936176

4 Answers

3

Try it like this:

$stmt = $db->prepare("SELECT * FROM login WHERE username=:username AND password=:password");
$stmt->bindValue(":username", $username, PDO::PARAM_STR);
$stmt->bindValue(":password", $password, PDO::PARAM_STR);
$stmt->execute();

You have to create a statement ($stmt) via $db->prepare("sql") not a query. Then you can bind params to the prepared statement and execute it.

Hecke29
0

You have to use prepare() not query()

Your code also is too bloated.

$stmt = $db->prepare("SELECT * FROM login where username=? AND password=?");
$stmt->execute([$_POST['username'], $_POST['password']]);

is enough.

Also, you have to add this line after connecting:

$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

Your Common Sense
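
The fixes from the answers combined into one runnable login check, as an added example that is not code from any of the posts: prepare() with bindValue(), and exception error mode set right after connecting. It assumes the pdo_sqlite driver with an in-memory table standing in for the MySQL `login` table, a hypothetical check_login() helper, and a password column that holds a password_hash() value checked with password_verify() instead of being compared in SQL.

```php
<?php
// Added example. Assumptions: pdo_sqlite is available; an in-memory SQLite
// table stands in for the question's MySQL `login` table; the password
// column stores a password_hash() value; check_login() is hypothetical.
$db = new PDO('sqlite::memory:');
// Throw on failure instead of returning false, so errors surface where they occur.
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE login (username TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Constructed sample account.
$insert = $db->prepare('INSERT INTO login (username, password) VALUES (:username, :password)');
$insert->execute([
    ':username' => 'alice',
    ':password' => password_hash('correct horse', PASSWORD_DEFAULT),
]);

function check_login(PDO $db, string $username, string $password): bool
{
    // prepare() returns a PDOStatement whose placeholders are still unbound;
    // query() would try to run the SQL immediately.
    $stmt = $db->prepare('SELECT password FROM login WHERE username = :username');
    $stmt->bindValue(':username', $username, PDO::PARAM_STR);
    $stmt->execute();

    // fetchColumn() returns false when no row matched the username.
    $hash = $stmt->fetchColumn();
    if ($hash === false) {
        return false;
    }
    return password_verify($password, $hash);
}

// Constructed inputs: a valid login, a wrong password, a name containing a
// quote (bound as data, so it cannot alter the SQL), and an unknown user.
$attempts = [
    ['alice', 'correct horse'],
    ['alice', 'wrong'],
    ["o'brien", 'anything'],
    ['nobody', 'correct horse'],
];
foreach ($attempts as [$user, $pass]) {
    printf("%-10s %s\n", $user, check_login($db, $user, $pass) ? 'accepted' : 'rejected');
}
```
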
0

PDO::query returns a PDOStatement object, or FALSE on failure.

In your case a failure occurred and the returned value is FALSE instead of being a PDOStatement object.

Use var_dump right after $query = $db->query(... to make sure you are receiving an error. And use PDO error checking to find out what the error message is.

Mihai Stancu
0

Try using the prepare() method instead of query():

$query = $db->prepare("SELECT * FROM login where username=:username AND password=:password");

$query->bindValue(":username", $username, PDO::PARAM_STR);
$query->bindValue(":password", $password, PDO::PARAM_STR);
$query->execute();
Vel
rray