php - 仅在登录不正确时才产生登录错误 - Thinbug

仅在登录不正确时才产生登录错误

时间：2014-03-12 16:44:50

标签： php database mysqli prepared-statement

我知道这与num_rows部分有关但经过多次尝试后我仍然无法解决这个问题。基本上无论我输入什么，我都会收到登录失败的信息。信息。如果我的登录正确，我收到登录失败并登录正确。如果用户名/密码不正确，我显然只想要错误。在此先感谢您的帮助！

else if(!$error_msg && $_POST['login']){
//Build the SQL query to match the record that matches the password and username
    $sql = "SELECT id, username, password_1 FROM members WHERE username = ? AND password_1 = ? LIMIT 1";
//Prepare our query
if($stmt = $mysqli->prepare($sql)){
        //Bind the Parameters to the query
    $stmt->bind_param('ss', $username, $password_1);
    //Execute the query
    $result = $stmt->execute();
        //If the query doesn't execute
    if($result === false){
        echo '<p class="error">No Execution</p>';
    }
        //Bind the results of what the query gave us to our three variables
    $stmt->bind_result($id, $username, $password_1);
    if($stmt->num_rows !== 1){
        echo '<p class="error">Login failed</p>';   
    }
        while($stmt->fetch()){
        echo "Hey The query matched a record and you should be signed in now";
        echo $id;
        echo $username;
        echo $password_1;
    }//End While
    else{
    echo $mysqli->error;
    echo "No entry found";
}
$mysqli->close();           
}

1 个答案:

答案 0 :(得分：1)

尝试一下，在我的服务器上工作。

您缺少某些条件语句，但我相信您可以将它们合并到其中。

<?php
DEFINE ('DB_USER', 'xxx');
DEFINE ('DB_PASSWORD', 'xxx');  
DEFINE ('DB_HOST', 'xxx');
DEFINE ('DB_NAME', 'xxx');

$mysqli = @mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) 
OR die("could not connect");

$username = "username"; // replace with actual
$password_1 = "password"; // replace with actual

$sql = "SELECT id, username, password_1 FROM members WHERE username = ? AND password_1 = ? LIMIT 1";

if($stmt = $mysqli->prepare($sql)){

   $stmt->bind_param('ss',$username,$password_1);

   /* execute query */
   $stmt->execute();

   /* Store the result (to get properties) */
   $stmt->store_result();

   /* Get the number of rows */
   $num_of_rows = $stmt->num_rows;

   /* Bind the result to variables */
   $stmt->bind_result($id, $username, $password_1);

if($stmt->num_rows !== 1){
    echo '<p class="error">Login failed</p>';   
}

   while ($stmt->fetch()) {
        echo 'ID: '.$id.'<br>';
        echo 'Name: '.$username.'<br>';
        echo 'Password: '.$password_1.'<br>';
   }

   /* free results */
   $stmt->free_result();

   /* close statement */
   $stmt->close();
}

/* close connection */
$mysqli->close();