Home>

Thank you very much. column userid from field customer_information is POST [userid]
I am creating a sql that extracts matching data, but I get an error and it doesn't work.
Please tell me if you know who you are.

~ Abbreviated ~
           try {
               $pdo->beginTransaction ();
               $sql = "SELECT *,
                        FROM customer_information
                        WHERE userid =: userid;";
                   / * AND 'password' =: password;";* /
            print ($sql). "</br>";
            $stmh = $pdo->prepare ($sql);
            $stmh->bindValue (': userid', $_POST ['userid'], PDO :: PARAM_STR);
            $stmh->bindValue (': password', $_POST ['password'], PDO :: PARAM_STR);
            $bool = $stmh->execute ();
            if ($bool) {
                print ("". "Logged in.". "</br>");}
            } catch (PDOException $Exception) {
                $pdo->rollback ();
                print "error:". $Exception->getMessage ();
            }
~ Omitted ~


print ($sql). "
";
SELECT *, FROM customer_information WHERE userid =: userid;
* I tried to add customer_information and userid with '', but it was not good.

Error display
Error: SQLSTATE [42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax;check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM customer_information WHERE userid =?' At line 2

  • Answer # 1

    $sql = "SELECT *,
                            ↓
                   $sql = "SELECT *

  • Answer # 2

    $sql =" SELECT *,
                            FROM customer_information
                            WHERE userid =: userid;";


    $sql = "SELECT *
                            FROM customer_information
                            WHERE userid =: userid;";