Request help with Database PDO Update

ICHaps

New member
Hello.
I'm trying to create a forgot password and password reset routine, however I've ran into an un-expected error with $stmt->execute();
At present, I'd like it to create a 5 or 6 digit pass code and write it to the database, however as far as I can work out, after the update statement, it won't execute.

I've also included echo statements so I can track where it says:
PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE user_id=1' at line 1 in Stack trace: #0 /home/virtual/vps- PDOStatement->execute() #1 {main}3




<?php
//Sign In
if(session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}

//Encrypt email
$emreq = strtolower($_POST["txtreqemail"]); //Convert to lowercase
$otpml = $_POST["txtxmail"];

include($_SERVER['DOCUMENT_ROOT'].'/encrypts.php');
$crypted_reqe = openssl_encrypt($emreq, $ciphering, $encryption_key, $options, $encryption_iv);


$servername = $_SESSION['dbf_host'];
$username = $_SESSION['dbf_user'];
$password = $_SESSION['dbf_pass'];
$dbname = $_SESSION['dbf_databasename'];


try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$results = $conn->query('SELECT * FROM user');
while ($row = $results->fetch()) {
if ($row['email'] == $crypted_reqe) {
echo "1<br>";
if ($row['status'] == "ngBu" or $row['status'] == "kQZtIYps" or $row['status'] == "lR1pIY5sfA==") {
echo "2<br>";
$id = $row['user_id'];
//1. Generate Passcode.
randomize;
$pcde = RAND(10000,99999);
$cryptedx = openssl_encrypt($pcde, $ciphering, $encryption_key, $options, $encryption_iv);
echo "2a<br>";
$sql = "UPDATE user SET passcode=$cryptedx WHERE user_id=$id";
echo "2b<br>";
// Prepare statement
$stmt = $conn->prepare($sql);
echo "2c<br>"; //<error is somewhere here
// execute the query
$stmt->execute();
echo "2d<br>";
}
}
}
}catch(PDOException $e) {echo $e;}

echo "3<br>";
?>


I've used the above before and it's worked ok, so I'm unsure why it's not this time.
I have thought it is the database connection, but ruled this out.
Could anyone please spot what the error maybe?

Thanks.
 
Back
Top