Home/ Questions/Q 8618591
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T06:08:41+00:00

I’m trying to create a script that checks if the provided username is in

  • 0

I’m trying to create a script that checks if the provided username is in the table “users”, but the “if” statement is always returned false. The users table only has the one column “username”, listing all the users. What am I doing wrong?

$dbh = new PDO("sqlite:db.sqlite");
$stmt = $dbh->prepare("SELECT username from users where username = :name");
$stmt->bindParam(":name", $user);
$stmt->execute();

if($stmt->rowCount() > 0)
{
    //in the table
}
else{
    //not in the table
}

The whole script:

<?php
require_once 'mclogin.class.php';
$api = new MinecraftAPI();
$user = $_POST['user'];
$password = $_POST['pword'];
if($api->login($user, $password)){
print $user;
$dbh = new PDO("sqlite:db.sqlite");
$stmt = $dbh->prepare("SELECT username from users where username = :name");
$stmt->bindParam(":name", $user);
$stmt->execute();

if($stmt->rowCount() > 0)
{
    echo "You are whitelisted";
}
else{
    echo "You are not whitelisted";
}

}else{
echo "Bad login";
}
?>

the page that send the info:

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>

      <form name="input" action="login.do.php" method="post">
Username: <input type="text" name="user">
Password: <input type="password" name="pword">
<input type="submit" value="Submit">
      </form>  
    </body>
</html>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Note:

    PDOStatement::rowCount() returns the number of rows affected by the
    last DELETE, INSERT, or UPDATE statement executed by the corresponding
    PDOStatement object.

    If the last SQL statement executed by the associated PDOStatement was
    a SELECT statement, some databases may return the number of rows
    returned by that statement. However, this behaviour is not guaranteed
    for all databases and should not be relied on for portable
    applications.

    You should use the below instead, just use the fetch() method to check whether the result is empty.

    $dbh = new PDO("sqlite:db.sqlite");
$stmt = $dbh->prepare("SELECT 1 from users where username = :name");
$stmt->bindParam(":name", $user);
$stmt->execute();

// use fetch instead of rowCount
if ($stmt->fetch()) {
  // in the table
} else {
  // not in the table
}
    • 0