PHP error: Call to a member function rowCount() on a non-object

Question

I\'m working on web app that require a login page, everything work fine but i noticed that when a user try to connect and his password contain caracter he can\'t and an ugly

Answer 1

We're more than likely dealing with strings here, so the variables in your values need to be quoted.

WHERE ens_cin='$login' AND ens_pass='$password'";

Plus, just using PDO on its own, doesn't mean you're safe against SQL injection.

• Use PDO with prepared statements.

An insight:

Make sure that you are indeed connecting through PDO and not mysqli_. I see these types of questions often.

If that is the case, those different MySQL APIs do not intermix with each other.

Now this:

$password=$_GET["password"];

Passing a password through a GET isn't safe neither; you don't know who may be "listening in". You should be using POST. I hope also that you are using a hash and not plain text for password storage.

Sidenote: Make sure you're indeed using GET and not mixed up with POST, should this be coming from an HTML form.

---

"but no error appear"

You are probably not checking for errors.

Add $idconnex->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); right after the connection is opened.

Add error reporting to the top of your file(s) which will help find errors.

Sidenote: Error reporting should only be done in staging, and never production.