When the user goes to login, and presses login, the array is shown in the browser, and the only thing I can think of what is causing that is the print_r. I was wondering if there was a way to get it so that it could still return the array and do what it needs to do in the background. This worked previously with json_decode and an actual file - but I am getting rid of the files and entering data into a database. Thanks in advaced, and the code is below.
PHP Code:function user_info($user) {
$PDOUser = " "; //Username for MySQL
$PDOPass = " "; //Password for MySQL
$dbh = new PDO('mysql:host=localhost;dbname=db_name', $PDOUser, $PDOPass);
$dbh->exec("set names utf8");
$stmt = $dbh->prepare("SELECT 1 FROM users WHERE user = :user");
// Pass items in to get cleaned
$stmt->bindParam(':user', $user);
// Check it
if ($stmt->execute() > 0) {
$data = $dbh->prepare("SELECT * FROM users WHERE user = :user");
$data->bindParam(':user', $user);
$data->execute();
$results = $data->FetchAll();
return print_r($results);
} else {
return false;
}
// This below here is the old code...
//if(is_file('data/users/'.strtolower(clean_alphanum($user)))) {
// return json_decode(file_get_contents('data/users/'.strtolower(clean_alphanum($user))),true);
//} else {
// return false;
//}
}
-
No Profile PictureContributing UserDevshed Newbie (0 - 499 posts)
- Join Date
- Dec 2012
- Posts
- 85
- Rep Power
- 5
Help needed with return in a function
-
Lazy ModeratorDevshed Supreme Being (6500+ posts)
- Join Date
- Mar 2007
- Location
- Washington, USA
- Posts
- 16,326
- Rep Power
- 9645
print_r() is for debugging. I can't think of any reason you'd actually want to keep it in code.
-
--Devshed Expert (3500 - 3999 posts)
- Join Date
- Jul 2012
- Posts
- 3,959
- Rep Power
- 1017
Hi,
I guess you want json_decode() like in your old code (not print_r()).
However, it doesn't really make sense to do the encoding in the function itself. Just return the array, and in the main script, encode or format it in any way you want.
There's some other issues:
- Do not use SET NAMES. It breaks the escaping mechanism, because PDO isn't aware of the encoding change. Since PDO by default uses fake prepared statements that rely on automatic escaping, SET NAMES also breaks those fake prepared statements. On the bottom of the linked post, there's a code snippet on how to correctly set the encoding and turn on real prepared statements.
- Do not use the terrible SQL "death star" (SELECT *). It's dangerous, because it selects everything (now and in future versions of the table), no matter if it's a password hash, a credit card number or your secret diary entry. It's inefficient, it wastes resources, and it's simply unclean. Don't use it. Always explicitly specify the columns you want.
- Doing the same query twice isn't very useful. Why not simply rely on fetchAll() returning an empty array in case there are no rows? An empty array also evaluates to false in a boolean context, and it's cleaner to always return the same type, anyway.
-
No Profile PictureContributing UserDevshed Newbie (0 - 499 posts)
- Join Date
- Dec 2012
- Posts
- 85
- Rep Power
- 5
Thanks for replies! I have a couple questions for you.Originally Posted by Jacques1
--> What is a SET NAME?
--> If I can't use the "death star" how can I still get all of the data from the database?
--> "Doing the same query twice isn't very useful. Why not simply rely on fetchAll() returning an empty array in case there are no rows? An empty array also evaluates to false in a boolean context, and it's cleaner to always return the same type, anyway." Could you give me an example of this?
Thanks,
TJ
April 13th, 2013, 10:38 PM
Reply With Quote
April 13th, 2013, 11:28 PM
April 14th, 2013, 04:33 AM
April 14th, 2013, 10:43 AM
