所以我不确定这里有什么问题,我尝试过多种方式,我无法让它工作,我按照手册但它似乎没有改变,我有一个简单的登录.php,我已经检查了我的查询但它在mysql上工作,我有错误报告,我怀疑它可能是因为我在WAMP服务器上测试这个,但我不确定是否有任何关系请帮忙。
EDITED
<?php
session_start();
ERROR_REPORTING( E_ALL | E_STRICT );
ini_set('display_errors',1);error_reporting(-1);
include_once 'UniversalConnect.php';
class login{
public function __construct()
{
$this->dologin();
}
private function dologin()
{
$name = $_POST['name'];
$pass = $_POST['pass'];
$mysqli = new mysqli("127.0.0.1","root","root","mrt");
var_dump($mysqli);
$sql="SELECT * FROM administradores WHERE nombre_administrador= ? AND password= ?";
$stmt = $mysqli->prepare($sql);
if ( !$stmt ) {
printf('errno: %d, error: %s', $mysqli->errno, $mysqli->error);
die;
}
$stmt->bind_param("ss",$name,$pass);
if ( !$name ) {
printf('errno: %d, error: %s', $stmt->errno, $stmt->error);
}
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows==1)
{
var_dump($rows);
header("location: indexSCAF.html");
else{
$errmsg_arr[] = 'Username and Password are not found';
$errflag = true;
}
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
exit();
}
}
}/*close function dologin*/
}/*close class */
?>
var_dumps的结果给出
string 'admin' (length=5)
string 'test' (length=4)
object(mysqli)[3]
public 'affected_rows' => null
public 'client_info' => null
public 'client_version' => null
public 'connect_errno' => null
public 'connect_error' => null
public 'errno' => null
public 'error' => null
public 'error_list' => null
public 'field_count' => null
public 'host_info' => null
public 'info' => null
public 'insert_id' => null
public 'server_info' => null
public 'server_version' => null
public 'stat' => null
public 'sqlstate' => null
public 'protocol_version' => null
public 'thread_id' => null
public 'warning_count' => null
object(mysqli_stmt)[4]
public 'affected_rows' => null
public 'insert_id' => null
public 'num_rows' => null
public 'param_count' => null
public 'field_count' => null
public 'errno' => null
public 'error' => null
public 'error_list' => null
public 'sqlstate' => null
public 'id' => null
object(mysqli_stmt)[4]
public 'affected_rows' => null
public 'insert_id' => null
public 'num_rows' => null
public 'param_count' => null
public 'field_count' => null
public 'errno' => null
public 'error' => null
public 'error_list' => null
public 'sqlstate' => null
public 'id' => null
null
答案 0 :(得分:0)
您需要在获取结果之前使用bind_result,以便正确获取prepare语句。
$mysqli = new mysqli("127.0.0.1","root","root","mrt");
$sql = " SELECT userId,userName From user WHERE nombre_administrador= ? AND password= ? ";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("ss",$user,$pass);
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows>0)
{
$stmt->bind_result($userId,$userName)
while($stmt->fetch())
{
// success handle result
header("location: indexSACF.html");
}
}
else
{
$errmsg_arr[] = 'Username and Password are not found';
$errflag = true;
}
$stmt->free_result()
$stmt->close();
注意:在查询语句中,永远不要使用select *,因为它不会绑定您的结果。而是使用参数
SELECT userId,userName From user WHERE nombre_administrador= ? AND password= ? ;
有关详细信息,请参阅this