Welcome Guest, Not a member yet? Register   Sign In
Query Problems - Should be a Simple Fix

For some reason, I keep getting an error

A Database Error Occurred

Error Number: 1054

Unknown column 'allengingrich' in 'where clause'

SELECT password FROM users WHERE username=allengingrich

Which is a result of trying to use a login form using the following controller:

function login() {
        if (isset($_POST['submitted'])) {
        $username = $_POST['username'];
        $password = $this->db->query('SELECT password FROM users WHERE username='.$username);
        if ($password->result() == $_POST['password']) {
            $sessdata = array(
            'username' => $_POST['username'],
        } else {

Anyone know what gives? I can't figure out what the problem is at all...

[eluser]Armchair Samurai[/eluser]
You need quotes around the $username variable. You might want to consider using CI's query bindings to escape your submitted data rather than trying to do everything manually.

$username = $_POST['username'];
$query = $this->db->query('SELECT password FROM users WHERE username = ?', array($username));

Thank you Very Much, that helped the problem.

Now however, I can't authenticate no matter what. Anything wrong my code?

[eluser]Armchair Samurai[/eluser]
To be honest, there are a few things which I wouldn't consider "best practice" when looking at the code, but the most immediate thing is that you are using the db library incorrectly - you need to change your syntax when generating a db result:

$query = $this->db->query('SELECT password FROM users WHERE username = ?', array($username));
$result = $query->row(); // You should only need a single row for the result

if ($result->password == $_POST['password']):
// continue on here....

Theme © iAndrew 2016 - Forum software by © MyBB