₦airaland Forum

Welcome, Guest: RegisterLoginWith GoogleTrendingRecentNew

Stats: 3,325,772 members, 8,423,662 topics. Date: Wednesday, 10 June 2026 at 06:01 AM

Toggle theme

Php Developers Help Me Resolve This - Webmasters - Nairaland

Nairaland ForumScience/TechnologyWebmastersPhp Developers Help Me Resolve This (839 Views)

1 Reply (Go Down)

Php Developers Help Me Resolve This by winexviv(op): 6:02pm On May 28, 2013
Please what could possibly be wrong with this function. I've been constantly getting this error "Database query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '='' AND password='' LIMIT 1' at line 1". Your kind comments will be of great assistance.

public static function authenticate($username="", $password=""wink{
global $database;
$username = $database->escape_value($username);
$password = $database->escape_value($password);
$sql = "SELECT * FROM users";
$sql .= "WHERE username='{$username}' ";
$sql .= "AND password='{$password}' ";
$sql .= "LIMIT 1";

$result_array = self::find_by_sql($sql);

return !empty($result_array)? array_shift($result_array) : false;
}
Re: Php Developers Help Me Resolve This by spikesC(m): 7:00pm On May 28, 2013

public static function authenticate($username="", $password=""wink{
global $database;
$username = $database->escape_value($username);
$password = $database->escape_value($password);
$sql = "SELECT * FROM users ";///////////space here////////////////
$sql .= "WHERE username='{$username}' ";
$sql .= "AND password='{$password}' ";
$sql .= "LIMIT 1";

$result_array = self::find_by_sql($sql);

return !empty($result_array)? array_shift($result_array) : false;
}


From the error;

'='username_is_supposed_to_be_here' AND password='password_is_supposed_to_be_here' LIMIT 1' at line 1"


So check whether you're actually substituting the variables
Re: Php Developers Help Me Resolve This by Nobody:
SORRY I AM NOT AN OOP EXPECT. BUT THIS WILL SOLVE THE ISSUE.

===================================================================================
function  authenticate($username,$password){

$con=mysql_connect(HOST,USER,PASSWORD) or die("System busy, try again later" ) ;
mysql_select_db(DATABASE) or die("Kindly wait some minutes, and try again later" ) ;

$query="SELECT * FROM users WHERE username='{$username}' AND password='{$password}' LIMIT 1";
$sendQuery=mysql_query($query) or die("Please try again later" ) ;

if($outCome=mysql_fetch_assoc($sendQuery)){
/// database output you can add more.

$username_databate_details=$outCome['username_databate_details'];
$name_databate_details=$outCome['name_databate_details'];
$address_databate_details=$outCome['address_databate_details'];

return true;
}
else
{
return false;
}

}


===================================================================================


/// to use the function

if (authenticate($username,$password) == true) {

//do anything you want
}



NOTE:
I HOPE YOU UNDERSTAND THAT YOU HAVE TO SANITIZE YOUR INPUT AND ALSO PROTECT YOUR OUTPUT AGAINST XSS ATTACK
Re: Php Developers Help Me Resolve This by Nobody:
OOP APPROACH

public static function authenticate($username="", $password="" ) {
global $database;
$username = $database->escape_value($username);
$password = $database->escape_value($password);
$result_array = self::find_by_sql("SELECT * FROM users WHERE username='{$username}' AND password='{$password}' LIMIT 1" );
return !empty($result_array) ? array_shift($result_array) : false;
}


NOTE: THIS IS NOT THE BEST WAY TO VERIFY USERNAME AND PASSWORD.

I CAN SEE YOU ARE DOING THIS BECAUSE YOU ARE STORING THE PASSWORD IN PLAIN TEXT OR YOU HASH THE PASSWORD BUT DO NOT USE A SALT.
1 Reply

Gurus Pls Help Me Resolve My Fiverr Withdrawal IssuesEasyphp (swamp Server) Refuses To Start Pls Help Me Resolve ThisPls Help Resolve This Codes Issue234

My Simple Portfolio Website ReviewHttp://kep.md/4f2e Free Premium VPN Register Now....Need a Facebook fan page for your website?