Error in PHP code

Navigation
-2

My code is part of a virtual store project, and is giving the following error:

Thefollowingisthecodebelow:

<?phpclassLoginextendsBD{private$prefixo='ibicor_';private$tabela='loja_clientes';private$email;private$senha;publicfunctionsetEmail($mail){$this->email=$mail;}privatefunctiongetEmail(){return$this->email;}publicfunctionsetSenha($pass){$this->senha=$pass;}privatefunctiongetSenha(){return$this->senha;}privatefunctionvalidar(){$strSQL="SELECT * FROM '".$this->tabela."' WHERE email_log = ? AND senha_log = ?";
        $stmt = self::conn()->prepare($strSQL);
        $stmt->execute(array($this->getEmail(), $this->getSenha()));
        return ($stmt->rowCount() > 0) ? true : false;
    }

    public function logar(){
        if($this->validar()){
            $atualizar = self::conn()->prepare("UPDATE '".$this->tabela."' SET data_log = NOW() WHRE email_log = ? AND senha_log = ?");
            $atualizar->execute(array($this->getEmail(), $this->getSenha()));

            $_SESSION[$this->prefixo.'emailLog'] = $this->getEmail();
            $_SESSION[$this->prefixo.'senhaLog'] = $this->getSenha();
            return true;
        }else{
            return false;   
        }
    }

    public function isLogado(){
        if(isset($_SESSION[$this->prefixo.'emailLog'], $_SESSION[$this->prefixo.'senhaLog'])){
            return true;
        }else{
            return false;
        }
    }

    public function deslogar(){
        if($this->isLogado()){
            unset($_SESSION[$this->prefixo.'emailLog']);
            unset($_SESSION[$this->prefixo.'senhaLog']);
            return true;
        }else{
            return false;
        }
    }
}
?>
    
asked by anonymous 15.09.2017 / 17:22

2 answers

3

E syntax error table names or fields should not be enclosed in single quotation marks. This is true for both select and code update. 

"SELECT * FROM '".$this->tabela."'
               ^                 ^
               |  causa do erro  |
    
15.09.2017 / 17:28
1

At the time of passing the table name passes only the name of it, not involving single quotes .. 

"SELECT * FROM ".$this->tabela." WHERE email_log = ? AND senha_log = ?";

And here too. 

"UPDATE ".$this->tabela." SET data_log = NOW() WHRE email_log = ? AND senha_log = ?"
    
15.09.2017 / 17:31
How to change the colors of Notes using javascript according to the result [closed] UPDATE SQL in C # (Windows Forms)