hinton92 Posted September 25, 2017 Share Posted September 25, 2017 I can't find the error, this is the whole code. I'm quite new to php and free to any advice. I use sublime text to create this. I hope you can help thanks in advance. <?php $pdo = new PDO('mysql:host=localhost;dbname=PoetsIN;charset=utf8', 'root', ''); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION) include('/classes/DB.php') ; if (isset($_POST['createaccount'])) { $username=$_POST['username']; $password=$_POST['password']; $email=$_POST['email']; DB::query(INSERT INTO users VALUES (\'\', :username,:password,:email)', array(':username=>$username, ':password'=>$password, ':email'=>$email)); echo "Success!"; } ?> Quote Link to comment Share on other sites More sharing options...
PravinS Posted September 25, 2017 Share Posted September 25, 2017 (edited) Missing semi colon( ; ) at below mentioned line $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION) Edited September 25, 2017 by PravinS Quote Link to comment Share on other sites More sharing options...
requinix Posted September 25, 2017 Share Posted September 25, 2017 Stop developing with a text editor and get yourself an IDE like Netbeans or PhpStorm or one of many others. They can tell you about syntax errors without you having to learn PHP syntax guess. Quote Link to comment Share on other sites More sharing options...
Phi11W Posted September 25, 2017 Share Posted September 25, 2017 ... I'm quite new to php and free to any advice. ... $pdo = new PDO('mysql:host=localhost;dbname=PoetsIN;charset=utf8', 'root', ''); $username=$_POST['username']; $password=$_POST['password']; $email=$_POST['email']; DB::query(INSERT INTO users VALUES (\'\', :username,:password,:email)', array(':username=>$username, ':password'=>$password, ':email'=>$email)); (1) Don't have your connect to your database as root. Create a dedicated account to be used by your application with the permissions that it needs to do its job. Only you get to use root, usually to clean up the mess made by applications or other people. (2) Never store passwords in a recoverable form (i.e plain text). Hash the password and store that result. When the user logs in, hash whatever password they enter and compare that with what's in the table. Regards, Phill W. Quote Link to comment Share on other sites More sharing options...
benanamen Posted September 25, 2017 Share Posted September 25, 2017 3. Do not create variables for nothing 4. NEVER EVER put variables in your query. You need to use prepared statements. Here is a good PDO tutorial https://phpdelusions.net/pdo Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.