我收到以下错误:
Warning: mysqli_stmt_bind_result(): Number of bind variables doesn't match number of fields in prepared statement in line 48
以下是第48行
mysqli_stmt_bind_result($stmt, $user_email, $user_pass);
以下是代码的更大部分
// Using mysql_real_escape_string to ensure that the statements are legal SQL statements that can be stored
$email = mysqli_real_escape_string($con, $_POST['email']);
$password = mysqli_real_escape_string($con, $_POST['password']);
/*
Using Prepared statement to prevent SQL Injection
*/
// Create a perepared statement
if($stmt = mysqli_prepare($con, "SELECT * from admins WHERE user_email=? AND user_pass=?")) {
// Bind the paramaters
mysqli_stmt_bind_param($stmt, "ss", $email, $password);
// Execute the query
mysqli_stmt_execute($stmt);
/*
Usually we would bind the result to be able to retrieve their given value
However, in this case we are not interested in retrieving values from the database
*/
/* fetch value */
mysqli_stmt_fetch($stmt);
/* bind result variables */
mysqli_stmt_bind_result($stmt, $user_email, $user_pass);
echo $user_email;
连接已正确建立,即使myqsli_prepare查询中没有设置条件,我仍然会检索相同的错误。
非常感谢任何帮助。
答案 0 :(得分:0)
选择问题是,您选择的列数超过2列,只在mysqli_stmt_bind_result中绑定2,换句话说,select中的列数必须与mysqli_stmt_bind_result中的变量数相同
要修复,请更改
SELECT * from admins WHERE user_email=? AND user_pass=?
要:
SELECT user_mail, user_pass from admins WHERE user_email=? AND user_pass=?"