I'm a little confused. When I do this below and the username is test@test.com it won't find anything even if the record exists. I realise I need to add quotes but I can't work out where, could someone please point this out.
$stmt = $db->prepare("SELECT USER_ID, USERNAME, PASSWORD, SALT, EMAIL FROM USERS WHERE USERNAME = :username LIMIT 1");
$stmt->bindValue(':username', $username);
$stmt->execute();
$results = $stmt->fetch(PDO::FETCH_ASSOC);
Many thanks
edit: as pointed out below I have tried bindParam as well.
edit 2: solved -I have solved it! I was looking at the wrong column in the DB, sorry guys/girls it's been a long night :( thanks for your help!
I guess, the username column is something like test and the email column has the value test@test.com.
If you test for test@test.com, I suspect you must compare against the email column
SELECT USER_ID, USERNAME, PASSWORD, SALT, EMAIL FROM USERS WHERE EMAIL = :username LIMIT 1
If you really want to test for the username, $username should presumably be test.