Validate data with PDO

Asked

Viewed 487 times

3

I am migrating my php code in which I was using sql query to PDO, but I am finding it difficult to validate data with this.

NOTE:I already have a functional file that does the search in the database, my difficulty is really in comparing it with the POST and validate them.

OBS2: If someone can give me some link to help in the migration of mysql_ to PDO would help too!

Follow the php code I’m trying to make work:

if(isset($_POST['entrar']) && $_POST['entrar'] == "login"){
    $ID = $_POST['usuario'];
    $senha = $_POST ['senha'];
    if (empty($ID) || empty ($senha)){
        echo '<p style="font: 20px Verdana; position:absolute; top:700px; left:40%; color:red;">Por favor preencha os campos!</p>';
    }
    else{
        $buscar=$pdo->prepare("SELECT ID, senha, usuario FROM usuarios WHERE ID='$ID' AND senha='$senha'");
        $buscar->execute();
        $linha=$buscar->fetchALL(PDO::FETCH_ASSOC);
        foreach ($linha as $listar){
        if ($listar >0){
            $_SESSION['ID'] = $busca ['ID'];
            $_SESSION['usuario'] = $busca ['usuario'];
            header ('location:logado.php');
            exit;
        }
        else{
            echo '<p style="font: 30px Verdana;  text-align:center; color:red;">Usuario ou senha invalidos.';
            echo '<meta http-equiv="refresh" content="1;URL=index.html" />';
        }
    }
}
php mysql pdo web-application

  • What’s the problem? when doing tests can comment on header() code to view error messages.

  • $listar comes from where?

  • My mistake, corrected it. The problem is in if probably, I am not knowing how to compare it to make this validation successfully, I changed only a little compared to the code using sql_.

1 answer

3


Who has the result of the consultation $linha and not $busca. If you will return only one record use fetch() in place of fecthAll() this eliminates an unnecessary foreach.

if(!empty($_POST['entrar']) && $_POST['entrar'] == "login"){
    if (empty($_POST['usuario']) || empty ($_POST['senha'])){
        echo '<p style="font: 20px Verdana; position:absolute; top:700px; left:40%; color:red;">Por favor preencha os campos!</p>';
    }else{
        $buscar = $pdo->prepare("SELECT ID, senha, usuario FROM usuarios WHERE ID = ? AND senha = ?");
        $buscar->execute(array($_POST['usuario'], $_POST ['senha']));
        $linha = $buscar->fetch(PDO::FETCH_ASSOC);

        if($buscar->rowCount()){
            $_SESSION['ID'] = $linha['ID'];
            $_SESSION['usuario'] = $linha['usuario'];
            header ('location:logado.php');
            exit;
        }else{
             echo '<p style="font: 30px Verdana;  text-align:center; color:red;">Usuario ou senha invalidos.';
            echo '<meta http-equiv="refresh" content="1;URL=index.html" />';
        }
    }
}

  • It was exactly that, had thought of the foreach as a way to compare all one at a time. Thank you!

  • @Wel if you are interested in working with PDO see that answer

Browser other questions tagged php mysql pdo web-application

You are not signed in. Login or sign up in order to post.