我对Prepared Select Statement存在问题,并存储和获取结果。以下代码允许用户登录。代码首先检查数据库中是否存在匹配的记录,然后将用户重定向到“欢迎”页面。我很确定问题出在以下声明中:$ stmt-> num_rows;然后从$ stmt中获取结果。任何帮助将不胜感激。
我有以下代码:
if ($user == "" || $pass == "")
{
$error = "<span class='error'>You must enter the username and password</span><br /><br />";
}
else
{
$query = "SELECT UserName,Password,Role FROM Users
WHERE UserName=? AND Password=?";
$stmt = $db->prepare($query);
$stmt->bind_param("ss", $user, $pass);
$stmt->execute();
$stmt->store_result();
$stmt->num_rows;
if ($stmt == 0)
{
$error = "<span class='error'>Incorrect Username/Password
</span><br /><br />";
}
else
{ for ($i=0; $i <$stmt; $i++) {
$row = $stmt->fetch_assoc();
$role = $row['Role'];
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
$_SESSION['role'] = $role;
header( "Location: welcome.php" ); //will redirect to pool list after succesful login
die ("You are now logged in. ");
}
}
}
}
答案 0 :(得分:0)
似乎我明白了。代码如下:
$query = "SELECT UserName,Password,Role FROM Users
WHERE UserName=? AND Password=?";
$stmt = $db->prepare($query);
$stmt->bind_param("ss", $user, $pass);
$stmt->execute();
$stmt->store_result();
$numrows = $stmt->num_rows;
$stmt->bind_result($user, $pass, $role);
if ($numrows == 0)
{
$error = "<span class='error'>Incorrect Username/Password
</span><br /><br />";
}
else
{ for ($i=0; $i <$numrows; $i++) {
$row = $stmt->fetch();
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
$_SESSION['role'] = $role;
header( "Location: welcome.php" ); //will redirect to pool list after succesful login
die ("You are now logged in. Please <a href='members.php?view=$user'>" .
"click here</a> to continue.<br /><br />");