0

Simple Login Form Using PDO .The Output of echos works fine .Enters inside the else case But does not go inside the foreach loop. The output of var_dump gives this .

echo output

1rows SelectedEntered successfull loop

var_dump output

object(PDOStatement)[3] public 'queryString' => string 'select * from tour_login where username='admin' and password='admin' and status=1' (length=81)

  if(isset($_POST['login']))
                {
                    $un=$_POST['un'];
                    $pass=$_POST['pass'];
                    $res=DB::getInstance()->query("select * from tour_login where username='$un' and password='$pass' and status=1");
                    $num_rows = $res->fetchColumn();

                    echo $num_rows."rows Selected";
                    if($num_rows<=0)
                    {   echo "Entered error loop"; 
                        echo "<script>alert('invalid username and password');document.location='index.php';</script>";
                        return false;
                    }
                    else
                    {


                        echo "Entered successfull loop"; 
                            foreach ($res as $row) {

                                echo "Entered successfull for loop"; 
                                        if($row['type']==0)
                        {

                            $_SESSION['admn']=$un;
                            echo "<script>alert('welcome admin...');document.location='adminhome.php';</script>";
                        }
                        else
                        {
                            $_SESSION['usr']=$un;
                            echo "<script>alert('welcome user...');document.location='userhome.php';</script>";
                        }


                            }

                    }

                }

What I am not understanding is why foreach is not working with number of rows showing one.New to Php.I found alternative of using mysql_num_rows() in pdo in this StackOVerflow Question https://stackoverflow.com/questions/11305230/alternative-for-mysql-num-rows-using-pdo

Community
  • 1
  • 1
codefreaK
  • 3,584
  • 5
  • 34
  • 65

1 Answers1

1

Your first problem is that, being a novice, you just snatched one line from the code you found, having no idea what does it do. This line would never return number of rows found, yet this line is responsible for your confusion, as it fetches all the data you selected, leaving nothing for the foreach loop. Though you don't need the latter as well.

Your second problem is that you are under a very common delusion, thinking you need number of returned rows at all. In fact, you don't actually need it.

Your third problem is that you ought to be using prepared statements but you aren't.

The code you need is

$sql = "select * from tour_login where username=? and password=? and status=1";
$res = DB::getInstance()->query($sql);
$res->execute(array($un, $pass));
$row = $res->fetch();
if(!$row) {
   echo "Entered error loop"; 
   echo "<script>alert('invalid username and password');document.location='index.php';</script>";
   return false;
}

and so on. Just remove useless foreach loop and you're set.

Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
  • Bro thanks,for your effort and points.I figured out this myself was gonna delete the question but the problem is i cant since it may result in question ban .You are spot on so I voted up and accepted it as answer.What I am doing is I am changing a existing php project replacing deprecated mysql_ functions with pdo and I do not have the liberty to do anything new as there is a very small time frame attached to it .Adding to that I started using php a week back .So am not familiar with the language for ease of use without checking what that code really does I used it as solution and end up – codefreaK Sep 03 '15 at 16:01
  • Spending More time in it .Bro I want to ask you another thing if there is a row with four columns and you want third column accessed then $res->fetchColumn(3).Does the trick ??.From my undertanding each time fetchColumn() is called it points to next row and its column ? – codefreaK Sep 03 '15 at 16:04