0

I have switched over to PDO using the link provided and wrote the following code only to get an error referring to the same variable containing the insert.

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING

This error is referring to the line after the $stmt INSERT.

   <?php
   $servername = "XXXXXXXXXX";
   $username = "ymodb";
   $password = "XXXXXXXXX";
   $dbname = "ymodb";

   try {
   $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
   // set the PDO error mode to exception
   $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

   // prepare sql and bind parameters
   $stmt = $conn->prepare("INSERT INTO users (fullname, email, password, fname, email1, password1, relationship) VALUES ('$_POST['fullname']','$_POST['email']','$_POST['password']','$_POST['fname']','$_POST['email1']','$_POST['password1']','$_POST['relationship']')");
$stmt->execute();
echo "New records created successfully";
}
catch(PDOException $e)
{
echo "Error: " . $e->getMessage();
}
$conn = null;
?>
Emily
  • 1
  • 4
  • **WARNING**: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. Please, do not write your own authentication system when any modern [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with a robust [authentication system](https://laravel.com/docs/5.2/authentication) built-in. At the absolute least follow [recommended security best practices](http://www.phptherightway.com/#security) and never store passwords as plain-text. – tadman Jun 14 '16 at 01:23
  • **WARNING**: When using PDO you should be using [prepared statements](http://php.net/manual/en/pdo.prepared-statements.php) with placeholder values and supply any user data only as arguments on `execute` . In this code you have potentially severe [SQL injection bugs](http://bobby-tables.com/). Refer to [PHP The Right Way](http://www.phptherightway.com/) for advice on how to avoid problem like this. – tadman Jun 14 '16 at 02:59

0 Answers0