PHP准备语句问题

时间:2014-01-31 15:58:27

标签: php prepared-statement

慢慢习惯PHP预处理语句,但仍然会出现此错误

  

“警告:mysqli_stmt :: bind_result():绑定变量数与第20行中C:\ Users \ PC \ Documents \ XAMPP \ htdocs \ login.php中预准备语句中的字段数不匹配。”< / p>

 <?php

 $mysqli = new mysqli('localhost', 'c3337015', 'c3337015', 'members');

if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
    }

 if(isset($_GET['loginEmail'])){

 session_start();

    $stmt = $mysqli->prepare("SELECT Email FROM members WHERE Email=? AND  Password=? LIMIT 1");
    $email = $_GET['loginEmail'];
    $password = $_GET['loginPassword'];
    $password = sha1($password);
    $stmt->bind_param('ss', $email, $password);
    $stmt->execute();
    $stmt->bind_result($email, $password);
    $stmt->store_result();
    if($stmt->num_rows == 1)  //To check if the row exists
        {
            while($stmt->fetch()) //fetching the contents of the row

              {$_SESSION['Logged'] = 1;
               $_SESSION['Email'] = $email;
               header('Location: index.php');
               exit();
               }
        }
        else {
            echo "Wrong Username or Password!";
        }
        $stmt->close();
    }
    else 
    {   
    echo "Something went Wrong";
    }
$mysqli->close();
?>

1 个答案:

答案 0 :(得分:1)

$stmt->bind_result($email, $password);

你绑定了两个变量,但只要求一个:SELECT Email FROM members

我还建议为bind_result使用不同的变量,因为它和bind_param都适用于引用。

$stmt->bind_result($userEmail);