MYSQLi记录不存在检查

时间:2013-07-06 09:31:47

标签: php mysqli

如果mysqli连接到数据库并且之后 if(!mysqli_stmt_execute($check)){ 如果没有找到记录,它应该返回NULL还是false?

执行此行并检查数据库中是否存在用户后,如果用户或记录不存在则不应返回NULL并退出程序?

如何在不获取整个结果集并循环遍历它的情况下解决此问题?

<?php
     ////////////// ADDED CODE ////////////
     $user_exists = FALSE;
     ///////////////////////////////////////
     $user = null;
     $pass = null;
     /* Connects to your Database */
$mysqli = mysqli_connect("localhost", "dbUser", "dbPassword","dbName");
        if (!$mysqli) {
            echo "Failed to connect to MySQL: (" . $mysqli->errno . ") " . mysqli_connect_error();
            exit();
            }

     /* create a prepared statement */
     $check = mysqli_prepare($mysqli, "SELECT username, password FROM users WHERE username = ?");

     /* bind parameters for markers */
     mysqli_stmt_bind_param($check, "s", $user);
     echo $mysqli->host_info . "Mysql connected: Succes.\n";

     /* Checks if there is a login cookie */
     if (isset($_SESSION['refer'])){$location = $_SESSION['refer'];}
     if(isset($_COOKIE['ID_my_site'])){
        /*if there is, it logs you in and directes you to the members page */
        echo "Yes there is a cookie";
        $user = $_COOKIE['ID_my_site'];
        $pass = $_COOKIE['Key_my_site'];
        }
    /* if the login form is submitted */
       if (isset($_POST['submit'])) {
             echo " Form submitted.";
                 /* if form has been submitted */
                 /* makes sure they filled it in */
      if(!$_POST['username'] | !$_POST['pass']) {
                  die('You did not fill in a required field.');
                        /* close statement */
                        mysqli_stmt_close($check);
                        /* close connection */
                        mysqli_close($mysqli);
                       }
      $user = stripslashes($_POST['username']);
      $pass = stripslashes($_POST['pass']);
      $pass = md5($pass); 
    /* checks it against the database */

    /* execute query */
    if(!mysqli_stmt_execute($check)){
    die('That user does not exist in our database. <a href=Registration.php> Click Here to Register</a>');} 

    /* bind result variables */
    mysqli_stmt_bind_result($check, $user_column, $pass_column);
    /* fetch value */
    /* Gives error if user dosen't exist */
         while(mysqli_stmt_fetch($check)!= NULL){
            /* gives error if the password is wrong */
            $user_exists = TRUE;
            echo " fetch = NOT null --->> ".$user_column;
            if ($pass != $pass_column){
                 /* statement close */
                 mysqli_stmt_close($check);
                 /* close connection */
                 mysqli_close($mysqli);
                 die('Incorrect password, please try again.');
                 }
                }
    if(!$user_exists){
    die('That user does not exist in our database. <a href=Registration.php> Click Here to Register</a>');}

      /* if login is ok then we add a cookie */
      $hour = time() + 3600;
      setcookie(ID_my_site, $user, $hour);
      setcookie(Key_my_site, $pass, $hour);
      /* then redirect them to the members area */
        header("Location: Members.php");
}
  else
    {


    /* if they are not logged in */
    /* added rest of code for convenience */
    ?>
    /* if they are not logged in */
?>
<!DOCTYPE HTML>
<HTML>
<HEAD>
<meta http-equiv="Content-type" content="text/html" charset=utf-8>
<TITLE>Login</TITLE>
<style>
label,section{display:block;margin-top:20px;letter-spacing:2px;}
form {margin:0 auto;width:60%;}
input,textarea{width:55%;height:27px;padding:10px;margin-top:3px;background:#efefef;border:1px solid #dedede;font-size:0.9em;color:#3a3a3a;border-radius:5px;-web-border-radius:5px;-webkit-border-radius:5px;}
textarea{height:213px;}
input:focus,textarea:focus{border:1px solid #97d6eb;}
.body {display:block;margin:0 auto;width:70%;}
#submit {display:block;align:right;width:127px;height:38px;border:1px solid #dedede;margin-top:20px;cursor:pointer;}
#submit:hover {opacity:0.9;border:1px solid #97d6eb;}
</style>
</head>
<body>
<header class="body"><label>Login page.</label></header>
<section class ="body">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>Username:</label>
       <input name="username" type="text" placeholder="Type your name here." autofocus required>
        <label>Password</label>
        <input name="pass" type="password" placeholder="*******************" autofocus required>
        <input id="submit" name="submit" type="submit" value="Login">
  </form>
</section>
 <footer class="body"><label>Write your footer code here.</label></footer>
</body>
</html>
    <?php
      }
    ?>

2 个答案:

答案 0 :(得分:1)

这实际上并不是一个答案,但我无法忍受这个漫长而多风的传统PHP风格的意大利面。看,有几个代码屏幕,只需从数据库中获取一个值即可!这对我的口味来说很奇怪。

这至少是

的方式 
<?php
/* have all the common routines included */
include 'bootstrap.php';

/* if the login form is submitted */
if (isset($_POST['submit']))
{
    $sql = "SELECT id, password FROM users WHERE username = ?";
    /* let's use some *intelligent* way to deal with database */
    $row = $dbal->getRow($sql, $_POST['username']);

    /* if we got something and password is correct*/
    if ( $row && password_verify($_POST['pass'],$row['password']) )
    {
        /* set user into session and redirect */
        $_SESSION['user'] = $row['id'];
        header("Location: Members.php");
        exit;
    }
}
?>
<!DOCTYPE HTML>
here goes HTML ...

答案 1 :(得分:0)

mysqli_stmt_execute在破坏的查询上返回FALSE,即没有与db的连接,语法错误等等。如果要检查查询是否未返回任何行,则不应使用TRUE / FALSE运算符,也不应使用execute函数本身。您应该使用mysqli_num_rows返回SELECT语句返回的行数。基本上,如果返回的行是0(非假),则应该退出。

相关问题
最新问题