Uncaught PDOException: SQLSTATE[HY000] while inserting a token

Question

I'm trying to build a social media (social network), and right now im trying to use tokens to do the login, but I keep having the error above. My code ran perfectly without the "token code". The error seems coming from inserting the token in database, but when I check the database the token was inserted correctly... Here's the code,and the full error message

(Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error in D:\xampp\htdocs\site\classes\DB.php:15 Stack trace: #0 D:\xampp\htdocs\site\classes\DB.php(15): PDOStatement->fetchAll() #1 D:\xampp\htdocs\site\classes\login.php(18): DB::query('INSERT INTO tok...', Array) #2 {main} thrown in D:\xampp\htdocs\site\classes\DB.php on line 15)

Login.php

<?php
//session_start();
include_once('DB.php');

if (isset($_POST['login']))
{
  $email=$_POST['email'];
  $password =$_POST['password'];


   if (DB::query('SELECT email FROM users WHERE email=:email', array(':email' => $email)))
   {
         if (password_verify($password, DB::query('SELECT password FROM users WHERE email=:email', array(':email'=>$email))[0]['password'])) 
         {
            $cstrong = TRUE;
            $token = bin2hex(openssl_random_pseudo_bytes(64,$cstrong));
            $user_id = DB::query('SELECT id from users where email=:email', array(':email' => $email))[0]['id'];
            DB::query('INSERT INTO tokens VALUES (\'\',:token,:user_id)',array(':token'=>sha1($token),':user_id'=>$user_id));
            header('location: ');

           setcookie("SNID",$token, time() + 60*60*24*7, '/',NULL,NULL,TRUE);
         }
   }

      else
      {
         header('location: index.html');
      }
}

DB.php

<?php 
class DB
{
    private static function connect()
    {
        $pdo = new PDO('mysql:host=127.0.0.1;dbname=pap;charset=utf8','root','');
        $pdo -> setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
        return $pdo;
    }

    public static function query($query,$params=array())
    {
        $statement = self::connect() ->prepare($query);
        $statement ->execute($params);
        $data = $statement -> fetchALL();
        return $data;



    }
}



?>

I hope you guys can help me out... Im still a learner so every help is welcome!

Your `query()` function always does a `fetchALL()` when running any query. As an INSERT doesn't have a result set, this isn't going to work. — Nigel Ren, Jun 17 '20 at 16:17
@aynber that doesnt answer my question.. It would work if I didnt have a login page, if I dont have that line of code ```$data = $statement -> fetchALL(); return $data; ```, I cant log in — PuppyPoop, Jun 17 '20 at 16:22
@NigelRen so how can I do this? if I take out that statements I cant log in — PuppyPoop, Jun 17 '20 at 16:23
Sure it does. fetchAll does not work with Insert/Update/Delete, but you're attempting to use it for all queries. Break out the functions, one for select, one for everything else (possibly), and only use the fetchAll in the Select function. — aynber, Jun 17 '20 at 16:25
I think the *best* solution would be to have a specific version of `query()`, which is used for INSERT statements. — Nigel Ren, Jun 17 '20 at 16:27
@aynber Already tried ```if(explode(' ', $query) == 'SELECT') ``` but it didnt worked — PuppyPoop, Jun 17 '20 at 16:29
@NigelRen I probably dont know how to do that, do you have some kind of manual or a link to something about that? — PuppyPoop, Jun 17 '20 at 16:30
Explode returns an array, that won't work. You need to create specific functions for each type of query instead of using one catch-all function. — aynber, Jun 17 '20 at 16:47
@aynber How can I do that? I'm not finding correct syntax or answer to that — PuppyPoop, Jun 17 '20 at 16:55
@NigelRen I'm still a learner, so could I use some help please since my post is taken down? — PuppyPoop, Jun 17 '20 at 20:55

Uncaught PDOException: SQLSTATE[HY000] while inserting a token

0 Answers0