Mysql to PDO

PHP
1

HI, trying to convert mysql to pdo, still new and learning, i am having a problem for my syntax in the while loop, i will be happy for advice.

<?php
$username = $_POST['username'];
$password = $_POST['password'];

if (!$username||!$password)
echo " Enter a Username and Password";
else
{


$query = $handler ->prepare("SELECT Count(*) From reusers WHERE username='$username'"); 
$query->execute();
$numrows =$query->fetchColumn();

if($numrows==0)
	echo"No such Users";
	else
{
	while ($r = $query->fetch(PDO::FETCH_ASSOC))
	{
	//get database password
		$dbpassword = $row['password'];
		//encrypt form  password
		$password = md5($password);
		
		// check password
		if ($password!=$dbpassword)
		echo "incorect Password";
		else
		{
		//check if active
		
		$active = $row['active'];
          $email = $row['email'];
          if ($active==0)
           echo "You haven't activated your account, please check your email ($email)";
          else
          
		{
		//echo " You are in! <a href='remembers.php'>Click</a> here to enter the member page";
		//echo " You are in! <a href='index.html'>Click</a> here to enter the member page";
		$_SESSION['username']=$username;
		redirect_to('index.php');
		
		}
		
		}
	
		
	}
}

	

}


?>

thanks

2 

if ($username==''||$password=='')
   echo " Enter a Username and Password";
else{
$query = $handler->prepare("SELECT * From reusers WHERE username= ? and password= ?");
$query->execute(array($username,md5($password)));

 if ($query->rowCount() == 1) {

    while ($r = $query->fetch(PDO::FETCH_OBJ)){
          $active = $r->active;
          $email = $r->email;
          if ($active==0)
             echo "You haven't activated your account, please check your email ($email)";
          else{
              //echo " You are in! <a href='remembers.php'>Click</a> here to enter the member page";
              //echo " You are in! <a href='index.html'>Click</a> here to enter the member page";
             $_SESSION['username']=$username;
               header("location:welcome.php");

            }

    }


    }

}
3

thanks that was a clean code

4

by the way i forgot something


if ($username==''||$password=='')
   echo " Enter a Username and Password";
else{
$query = $handler->prepare("SELECT * From reusers WHERE username= ? and password= ?"); 
$query->execute(array($username,md5($password)));

 if ($query->rowCount() == 1) {
   
    while ($r = $query->fetch(PDO::FETCH_OBJ)){
          $active = $r->active;
          $email = $r->email;
         $regusername = $r->username;//add this line
          if ($active==0)
             echo "You haven't activated your account, please check your email ($email)";
          else{
              //echo " You are in! <a href='remembers.php'>Click</a> here to enter the member page";
              //echo " You are in! <a href='index.html'>Click</a> here to enter the member page";
             $_SESSION['username']=$regusername;
               header("location:welcome.php");
        
            }
        
    }
    
        
    }
  
}
5

thanks

6

You could also consider just using fetchAll and skipping all the row count stuff.


$query = $handler->prepare("SELECT password From reusers WHERE username= :username");
$query->execute(array('username' => $username);
$users = $query->fetchAll();
foreach($users as $user)
{
    // check your password
7