try{
$pdo = new PDO("mysql:host=localhost;dbname=name", 'user', 'pass');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$statement = "SELECT id FROM users WHERE email LIKE ?";
$stmt = $pdo->prepare($statement);
$stmt->bindParam(1, htmlspecialchars($this->params['email']), PDO::PARAM_STR);
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$row = $stmt->fetch();
}catch (PDOException $e) {
echo $e;
}
print_r($row[0]['id']);
if(is_int($row[0]) > 0) {
throw new Exception();
} elseif(is_int($row[0]) > 0) {
//Generating encryption
$crypt = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, '');
$iv = mcrypt_create_iv(32, MCRYPT_RAND);
$key = mcrypt_create_iv(32, MCRYPT_RAND);
$password = mcrypt_create_iv(12, MCRYPT_RAND);
mcrypt_generic_init($crypt, $key, $iv);
$crypted = mcrypt_generic($crypt, $password);
$activation = mcrypt_create_iv(128, MCRYPT_RAND);
mcrypt_generic_deinit($crypt);
try{
$pdo = new PDO("mysql:host=localhost;dbname=name", 'user', 'pass');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$statement = "INSERT INTO users(name, password, cryptokey, cryptovector, email, activation_code, active, usertype) values(?, ?, ?, ?, ?, ?, 0, ?); ";
$stmt = $pdo->prepare($statement);
$stmt->bindParam(1, mysql_real_escape_string($this->params['name']), PDO::PARAM_STR);
$stmt->bindParam(2, $password, PDO::PARAM_STR);
$stmt->bindParam(3, $key, PDO::PARAM_STR);
$stmt->bindParam(4, $iv, PDO::PARAM_STR);
$stmt->bindParam(5, mysql_real_escape_string($this->params['email']), PDO::PARAM_STR);
$stmt->bindParam(6, $activation, PDO::PARAM_STR);
$stmt->bindParam(7, mysql_real_escape_string($this->params['acctype']), PDO::PARAM_STR);
$stmt = null;
}catch (PDOException $e) {
print_r($e);
}
$smarty = new Smarty();
$smarty->assign('NAMES',$this->params['name']);
$smarty->assign('UNIT', $this->params['acctype']);
$smarty->assign('KEYPASS',$password);
$smarty->assign('NAMES',$this->params['name']);
$smarty->assign('ACTIVATION_LINK','https://localhost/profile.php?action=activate&key='.urlencode($activation).'&email='.urlencode($this->params['email']));
$msgBody = $smarty->fetch('templates/default/mail.html');
try {
$mail = new PHPMailer();
$mail->Host = "server";
$mail->SMTPAuth = TRUE;
$mail->Host = "server";
$mail->Port = 25;
$mail->Username = "email";
$mail->Password = "password";
$mail->AddAddress($this->params['email']);
$mail->SetFrom('test@example', 'test Services');
$mail->Subject = 'Confirm registration and login credentials.';
$mail->MsgHTML($msgBody); // attachment
#$mail->Send();
echo 'localhost/profile.php?action=verify&key='.base64_encode($activation).'&email='.urlencode($this->params['email']);
} catch (phpmailerException $e) {
#echo $e; //Pretty error messages from PHPMailer
print_r($e);
} catch (Exception $e) {
echo $e; //Boring error messages from anything else!
print_r($e);
}
}
}
So this is my method for authentication. __construct($arg1, $arg2); $arg1 gets the action and $arg2 and it is the $self::params gets the variables that it requires in this case the email names and password. It prints the the activation link for testing purposes and when it does i see Array( ) after it. The if statement that has isset($row) is not doing what it have cuz it is telling my script that row is set. And when I print_r it I see none... when echo i see Array( ).... I Use Zend server CE With PHP 5.4 and I have a table that is structured like this:
id, - name, - password, - cryptokey, - cryptovector, - email, - activation_code, - active, - usertype
1, - J.Smith, - pwd, - key, - vector, - some@mail, - activation code, - 0, - candidate
You are missing the $stmt->execute(); in your code. This is an example of code that I happen to have in eclipse right now:
$sql="select id from users where userName=:userName";
$this->prepared = $this->mysqlAccess->con->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$this->prepared->execute(array(':userName' => $this->username));
When you prepare the statement, you need to execute it before you can query the results.