0

something strange has happened to my site. Everything was working perfect, and now i'm getting this error when i'm trying to log in:

Fatal error: Call to undefined method PDO::select() in line 9

Here is my code:

<?php
$db = new PDO('mysql:host=****;dbname=******;charset=utf8', '*****', '*****');

if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$myusername = $_POST['username'];
$mypassword = $_POST['password'];
$result = $db->select("SELECT userID FROM miembros WHERE user='$myusername' and  pass='$mypassword' AND confirm IS NULL");
$row = $result->fetch(PDO::FETCH_ASSOC);
$count = $result->rowCount();
// code continues
?>

What i am doing wrong at line 9 and $db?

user3672191
  • 1
  • 1
  • 5
  • 2
    There are a few issues with the way you're doing this, here's a good answer which should help: http://stackoverflow.com/a/767520/2287470 – Joe May 24 '14 at 17:40
  • But i haven't modified my code, and yesterday was working perfectly. – user3672191 May 24 '14 at 17:41
  • 1
    That's not possible as PDO doesn't have a 'select' method. Were you previously using this code with a library or framework? – Joe May 24 '14 at 17:42
  • ooooh..! now i see what happened. Its query instead of select – user3672191 May 24 '14 at 17:45
  • 1
    You should salt and hash your passwords: http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords?rq=1 – jeroen May 24 '14 at 17:45

1 Answers1

2

You want to use PDO::prepare to prepare a statement which you then execute

  $db = new PDO('mysql:host=****;dbname=******;charset=utf8', '*****', '*****');

  if($_SERVER["REQUEST_METHOD"] == "POST")
  {
    // username and password sent from Form
    $prepared = array(
      'username' => $_POST['username'],
      'password' => $_POST['password']);
    $stmt = $db->prepare("SELECT userID FROM miembros WHERE user=:username and  pass=:password AND confirm IS NULL");
    $result = $stmt->execute($prepared);
    $row = $result->fetch(PDO::FETCH_ASSOC);
    $count = $result->rowCount();
  }
Victory
  • 5,811
  • 2
  • 26
  • 45