BetterPHP

The non-existent community
https://betterphp.co.uk/board/

[solved] PDO is driving me crazy :/

https://betterphp.co.uk/board/viewtopic.php?t=1890

Page 1 of 1

[solved] PDO is driving me crazy :/

Posted: Sun Sep 09, 2012 4:23 am
by Helx
Hi,

I have been trying to use PDO instead of the basic MySQL (I was told it may be deprecated). I keep getting this error:
Fatal error: Call to a member function rowCount() on a non-object in /home/stratusc/public_html/cgi-bin/ip-only/bta/action.php on line 70
My code is this: (WARNING HORRIBLE SYNTAX) 
if($_GET['do'] == 'login'){
	$email = base64_encode('someGuy@me.com');
	$email = str_replace('=','',$email);
	$pass = 'test';
	
	$filter1 = hash('gost', $email);
	$salt = $db2->query("select * from salt where email = '".$filter1."'");
	$salt = $salt->fetch();
	$coresalt = $salt['coresalt'];
	$salt1 = $salt['salt1'];
	$salt2 = $salt['salt2'];
	$salt3 = $salt['salt3'];
	
	$pass = enc($pass,$email,$coresalt,$salt1,$salt2,$salt3);
	$login_check = $db1->query("select * from usr where email = '$user' and password = '$pass' limit 1");
	$login_check = $login_check->fetch();
	$login_check = $login_check->rowCount();
	
	if($login_check == 1){
		echo 'Yes!';
	}else{
		echo 'No.';
	}
	die();
}
I'll try to explain what went on in my head to do this...
Well, all emails are stored in the SEPARATE password salts DB with a bit of base64 (to throw hackers off, if they gain access to my DB ;) ) Then they are hashed in GOST. No idea why.

But basically, what I want is to count the number of rows with PDO. I have no clue how to stop this error. When I commented out all of the problematic code, it always said 'Yes!' no matter what I changed the password to.

Please help me :?

Oh, and i was told that if I prepare() then execute() I wouldn't need to do any sort of stripping. Is this true?

(Sorry if this made no sense, I haven't had any sleep in a long time...)

Re: PDO is driving me crazy :/

Posted: Sun Sep 09, 2012 7:47 pm
by jacek
fetch() actually fetches the data doesn't it ? So you would not want that there at all, or at least put it after the rowCount().

It would be worth adding a few var_dump() calls around the problematic area
        $login_check = $db1->query("select * from usr where email = '$user' and password = '$pass' limit 1");
        var_dump($login_check);
        $login_check = $login_check->fetch();
        var_dump($login_check);
        $login_check = $login_check->rowCount();
        var_dump($login_check);
which will show you the value of the variable at each stage, one of them will probably be NULL.

Re: PDO is driving me crazy :/

Posted: Mon Sep 10, 2012 6:27 am
by Helx
I put a var_dump under the query:
object(PDOStatement)#3 (1) { ["queryString"]=> string(207) "select * from usr where email = 'THISISMYEMAIL' and password = 'MAYHASHEDPASSWORDLOL' limit 1" }
Nothing would show if I put it under any of the other statements.

Re: PDO is driving me crazy :/

Posted: Mon Sep 10, 2012 8:09 am
by Helx
Oh wow... Turns out I had changed the way I stored the passwords without me knowing... :3

Solved. Thanks for help anyway :)
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited