• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
A Database Error Occurred[newbie user]

#2
PHP Code:
class Model_users extends CI_Model
{
 
   public function can_log_in($inputData)
 
   {
 
       echo '<script type = "text/javascript">alert("The result is: '.$inputData['username'].'");</script>';

 
       $this->db->select('username, pass');
 
       $this->db->from('users');

 
       echo '<script type = "text/javascript">alert("The result 2 is: '.$inputData['username'].'");</script>';

 
       $this->db->where('UPPER(username)',strtoupper($inputData['username']));
 
       $this->db->where('pass', (md5('root')));
 
       
        
//$this->db->get('users');
 
       
        echo 
'<script type = "text/javascript">alert("Waiting to be processed");</script>';
 
       
        if 
($this->db->get('users')->num_rows() > 0) {
 
           echo '<script type = "text/javascript">alert("Query successfully executed");</script>';
 
           return $this->db->get('users')->result();
 
       } else {
 
           return false;
 
       }
 
   }


I'm assuming the echos here are just because you're troubleshooting, but, even in that case, they shouldn't be in the model. Even without them, though, this is where the problem occurs. The table name for your query is defined when calling either the db->from() method or the db->get() method, you have it defined in both, so it's being added to your query twice.

Further, you're probably not going to get the result you're looking for when your query succeeds, because you're calling $this->db->get('users') again after you check the number of rows for your result (and this time, it will be "select * from users" without a where clause).

To fix this, you would probably want to do something like this:
PHP Code:
class Model_users extends CI_Model
{
 
   public function can_log_in($inputData)
 
   {
 
       $this->db->select('username, pass');
 
       $this->db->from('users');
 
       $this->db->where('UPPER(username)'strtoupper($inputData['username']));
 
       $this->db->where('pass', (md5('root')));
 
       
        $query 
$this->db->get();
 
       
        if 
($query->num_rows() > 0) {
 
           return $query->result();
 
       } else {
 
           return false;
 
       }
 
   }


Beyond this, the idea that this code might have something to do with handling usernames and passwords for your site is scary. For password hashing, start with this: http://php.net/manual/en/faq.passwords.php

If you can't use one of the versions of PHP supported by that information for some reason, this should help: http://www.openwall.com/phpass/
Reply


Messages In This Thread
RE: A Database Error Occurred[newbie user] - by mwhitney - 03-27-2015, 08:38 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.