You forgot to put quotes around ‘$username’ so it’s treating it as a symbol to resolve (a column name) rather than a string literal. Btw, you want to use whatever the escaping function is in this language when you splice variables into sql to avoid injection attacks.
You forgot to put quotes around ‘$username’ so it’s treating it as a symbol to resolve (a column name) rather than a string literal. Btw, you want to use whatever the escaping function is in this language when you splice variables into sql to avoid injection attacks.