stackoverflow.com的问候社区。
我试图学习预备语句,但我收到了错误消息 我无法解决。我知道这是什么错误,显然,但我不知道如何解决它。
错误消息:警告:mysqli_stmt :: bind_result():绑定变量的数量与第69行中预准备语句中的字段数不匹配
<?php
if(isset($_POST["submit"])){
//Connect
$mysqli = new mysqli("localhost", "member", "xxxxxx", "websecurity");
if($mysqli->connect_errno) {
die("Connect failed: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
}
//Submitt pushed
if(!empty($_POST['user']) && !empty($_POST['pass'])) {
$user= strip_tags($_POST['user']);
$pass= strip_tags($_POST['pass']);
$user = $mysqli->real_escape_string($user);
$pass = $mysqli->real_escape_string($pass);
// Prepare
$sql = "SELECT * FROM login WHERE username = ? AND password = ?";
$stmt = $mysqli->prepare($sql);
if(!$stmt) {
die("Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error);
}
//Prepared statements
$bind_result = $stmt->bind_param("ss", $user, $pass);
if(!$bind_result) {
echo "Bind failed: (" . $stmt->errno . ") " . $stmt->error;
}
//Lets execute this
//Give a value to statements
$user =0;
$pass ='';
$execute_result = $stmt->execute();
if(!$execute_result) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
// This line-> $stmt->bind_result($user, $pass);
$success = mysqli_query($connectt, $sql) or die (mysqli_error($connectt));
if (mysqli_num_rows($success) === 1){
mysqli_query($connectt, $sql) or die (mysqli_error($connectt));
mysqli_close ($connectt);
header("Location: index.php");
}
else {
echo "Wrong name!";
}
$stmt->free_result();
$stmt->close();
}
}
?>
这是一种登录形式,如您所知。 HTML不相关,所以我不会发布它,但我会发布包含连接文件。希望比我受过更多教育的人能够发现我无法看到的错误,以及我是否遗漏了任何重要的错误。
包括:
<?php
$connectt = mysqli_connect("localhost","member","xxxxxx","websecurity");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
?>
答案 0 :(得分:1)
请尝试以下代码:
<强>更新
<?php
if(isset($_POST["submit"])){
//Connect
$mysqli = new mysqli("localhost", "member", "xxxxxx", "websecurity");
if($mysqli->connect_errno) {
die("Connect failed: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
}
//Submitt pushed
if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username= strip_tags($_POST['username']);
$password= strip_tags($_POST['password']);
$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
// Prepare
$sql = "SELECT username,password FROM login WHERE username = ? AND password = ?";
$stmt = $mysqli->prepare($sql);
$bind_result = $stmt->bind_param("ss", $username, $password);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows === 1){
header("Location: index.php");
}
else {
echo "Wrong name!";
}
$stmt->free_result();
$stmt->close();
}
}
?>
<强>之前
<?php
if(isset($_POST["submit"])){
//Connect
$mysqli = new mysqli("localhost", "member", "xxxxxx", "websecurity");
if($mysqli->connect_errno) {
die("Connect failed: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
}
//Submitt pushed
if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username= strip_tags($_POST['username']);
$password= strip_tags($_POST['password']);
$username = $mysqli->real_escape_string($username);
$password = $mysqli->real_escape_string($password);
// Prepare
$sql = "SELECT username,password FROM login WHERE username = ? AND password = ?";
$stmt = $mysqli->prepare($sql);
if(!$stmt) {
die("Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error);
}
//Prepared statements
$bind_result = $stmt->bind_param("ss", $username, $password);
if(!$bind_result) {
echo "Bind failed: (" . $stmt->errno . ") " . $stmt->error;
}
//Lets execute this
//Give a value to statements
$username =0;
$password ='';
$execute_result = $stmt->execute();
if(!$execute_result) {
echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error;
}
$stmt->bind_result($username, $password);
$success = mysqli_query($connectt, $sql) or die (mysqli_error($connectt));
if (mysqli_num_rows($success) === 1){
mysqli_query($connectt, $sql) or die (mysqli_error($connectt));
mysqli_close ($connectt);
header("Location: index.php");
}
else {
echo "Wrong name!";
}
$stmt->free_result();
$stmt->close();
}
}
?>