PHP - Blank error alert with no text, no error log entry - PDO fetch()

Question

I hope using the 'mysql' db in mysql does not affect anything (I honestly can't remember if that was mistake or not) as I will have to completely re-do the mysql portion of this site if so (I don't know if it is reserved for something else). I have two things that I am trying to do here, 1) Verify login information via usernames table, and 2) Create a listing if login information is valid. I originally had this in two PHP files, but am trying to simplify this as much as possible; some examples I have seen for logging into a site are too complicated, all I need is a mechanism to verify login details, and create a listing...this is not intended to be a networking site or anything. Also, in the IDE I'm using it mentions not to use $query twice but changing it doesn't seem to make a difference. I am not too familiar with how PDO::fetch() works (or PHP in general) but this is how I have implemented it:

<?php 
header('Content-Type: application/json');

error_reporting(E_ALL); 
ini_set('display_errors', 1); 


$uname = filter_input(INPUT_POST, 'uname'); 
$upassword = filter_input(INPUT_POST, 'upassword'); 
$name = filter_input(INPUT_POST, 'name');
$description = filter_input(INPUT_POST, 'description');

$createlisting = '';
$hello = array();


if(!empty($uname && $upassword && $name && $description)) { 

$conn = new PDO('mysql:host=127.0.0.1;dbname=mysql', 'root', "password"); 
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); 
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
$query = 'SELECT `uname`,`upassword` FROM `usernames` WHERE `uname` = :uname'; 
$stmt = $conn->prepare($query); 
$stmt->bindParam(":uname",$uname, PDO::PARAM_STR, strlen($uname)); 
$stmt->execute();

$hello = $stmt->fetch(PDO::FETCH_ASSOC);
$upasswordhash = password_hash($upassword, PASSWORD_DEFAULT);
$loginarray = array($uname, $upasswordhash);
$loginarray1 = array($hello['uname'], $hello['upassword']);


if ($loginarray === $loginarray1){


        $query = "INSERT INTO user_meta (name, description) VALUES (:name, :description)";
        $stmt = $conn->prepare($query);

        $query->bindParam(":name",$name, PDO::PARAM_STR, strlen($name)); 

        $query->bindParam(":description",$description, PDO::PARAM_STR, strlen($description));
        $query->execute(); 
        echo json_encode("Your listing has been created.  Please use the search function to see it.");

        $conn = null;
        $query = null;
 //closes the MySQL connection.
} else {
echo json_encode("Listing failed.");
}
}

I didn't try but the "if(!empty" line seems strange. You should check each variable separately I think — ave4496, Sep 26 '16 at 05:20
Basically this returns just a blank alert box, I'm pretty sure it's my use of PDO::fectch(), I will post the solution when I finish. Thanks — somedude, Sep 26 '16 at 05:41

score -2 · Answer 1 · edited May 23 '17 at 12:06

-2

Try to compare array values instead of using the == operator.

The pdo returns an associative array but you're using numeric indexes on tryout $hello array.

From this question: https://stackoverflow.com/a/5678990

$arraysAreEqual = ($a == $b); // TRUE if $a and $b have the same key/value pairs.
$arraysAreEqual = ($a === $b); // TRUE if $a and $b have the same key/value pairs in the same order and of the same types.

edited May 23 '17 at 12:06

Community

1
1

answered Sep 26 '16 at 05:25

M.Alnashmi

582
1
4
15

Made changes, guess I go with the duplicate, thanks. – somedude Sep 26 '16 at 05:40

PHP - Blank error alert with no text, no error log entry - PDO fetch()

1 Answers1