Mawg Mawg - 4 months ago 13
MySQL Question

PDO query works from CLI, not from PHP

I have a MySQL query which works from the command line, but not from PHP.

Can anyone see what I am doing wrong?

$sqlText = 'SELECT FROM customers WHERE login_name=:name
AND password=:password';
$query = $pdo->prepare($sqlText);
$query->bindParam(':name', $userName);
$query->bindParam(':password', sha1($password));
$result = $query->fetch(PDO::FETCH_ASSOC);


and
$result
is
false
.

But, from the command line,

SELECT * FROM customers WHERE login_name="a"
AND password="4192dee2f886e99ececbb2eee0d2f37f11257974"


works.

When I debug
userName
is
a
and
$password
is
4192dee2f886e99ececbb2eee0d2f37f11257974
.

Can some one make me say D'oh ?

Answer

You forgot execute().

Moreover, if really $password` is `4192dee2f886e99ececbb2eee0d2f37f11257974, then you must be running sha1() twice. Either remove the sha1() from the bind line, or keep $password in the clear.

I'd suggest naming the database column "passwordHash", and the variable either $password if it is in cleartext, or $passwordHash if you already ran sha1() on it. That way, you would have written

$query->bindParam(':passwordHash', sha1($passwordHash));

and immediately spotted the extra sha1() call.

Comments