Jump to content

PHP connection to database.


Hendz

Recommended Posts

<?php class UserQuery { public function Adduser($id,$username,$email,$password)

{

$conn = new Config();

$sql =("INSERT INTO test.user (id, username, email, password) VALUES ('$id', '$username', '$email',$password)");

$conn->exec($sql); }

}

 

getting an "exec doesnt exist "    error,  saying exec doesnt exist in my db file.

it doesnt need to exist does it ?

anyone any idea why ? 

 

Link to comment
Share on other sites

@requinix I created a new pdo Object, and fed in details of db like in config file.

It doesnt throw the error anymore but then again when i run it it doesnt add given data lol.

Sorry, Im php noob. im normally a java dev just learning this is stressful.

 

class UserQuery {

public function Adduser($id,$username,$email,$password){

$dsn = "mysql:dbname=test;host=127.0.0.1:3306";

$user = "root"; $passwd = "2194";

$pdo = new PDO($dsn, $user, $passwd);

$sql =("INSERT INTO test.user (id, username, email, password) VALUES ('$id', '$username', '$email',$password)");

$pdo->exec($sql);

} }

Link to comment
Share on other sites

See, the problem here is that there is clearly much more to your code than just the little bits you've posted, and there could certainly be problems elsewhere that would explain whatever issues you've having.

For example, maybe your PDO options are not set up to throw exceptions when things don't work, which would mean you would have no idea whether calling ->exec() worked or not. Look into what you need to do to change that behavior.

Link to comment
Share on other sites

16 hours ago, Hendz said:

$user = "root"; $passwd = "2194";

. . . 


$sql = "INSERT INTO users ( name, email, pswd_hash ) VALUES ( ?, ?, ? )";
$pdo->exec( $sql, [ $enteredName, $enteredEmail, yourFavouriteHashingFunction( $enteredPassword ) ] );
$newUserId = $pdo->lastInsertId(); 

 

Thank you for posting your database's root password for the whole world to read. 
Go and change it right now

Stop using the root user in your Application code. 
Create dedicated accounts for each of your Applications and grant these accounts appropriate permissions.  
Always keep the biggest and best tools to yourself (so that you can sort out the mess made by other people or programs). 

Stop using Reserved Words as table / column names (e.g. "user" & "password"). 
Doing so will come back to bite you, at some point. 

Don't store the user's actual password. 
Instead, take the entered password, put it through your favourite, one-way, hashing algorithm and store the result of that.  (When the user is logging in, take the entered password, hash it and check that value against what's in the database. 

Read up about Prepared Statements as a way to protect yourself against SQL Injection Attacks. 
Obligatory XKCD Reference: Little Bobby Tables.

Regards, 
   Phill  W.

Link to comment
Share on other sites

3 hours ago, Phi11W said:

Don't store the user's actual password. 
Instead, take the entered password, put it through your favourite, one-way, hashing algorithm and store the result of that.  (When the user is logging in, take the entered password, hash it and check that value against what's in the database. 

@Hendz I recommend you use PHP's password_hash() and password_verify() functions.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.