我正在开发一个php网站。我正在创建登录页面,当我检查登录代码是否有效时,它会打印整个准备行。
输出:
prepare("select * from login_details where user = ? && pass= ?;");
$stmt>bindValue(1, $name); $stmt->bindValue(2, $pass); $stmt->execute;
$row = $stmt->fetchall(PDO::FETCH_ASSOC); while ($row) { echo "
Failed
"; } ?
我的代码是,
<body>
<?php
include 'connect.php';
if(isset($_POST['username']) && isset($_POST['pass'])){
$name=htmlentities($_POST['username']);
$pass=htmlentities($_POST['pass']);
}
$stmt= $dbh->prepare("select * from login_details where user = ? && pass= ?;");
$stmt->bindValue(1, $name);
$stmt->bindValue(2, $pass);
$stmt->execute;
$row = $stmt->fetchall(PDO::FETCH_ASSOC);
while ($row) {
echo "<h2>Failed</h2>";
}
?></body>
答案 0 :(得分:0)
("select * from login_details where user = ? and pass=? ");
这是和而不是&amp;&amp;。您不应该在语句中添加终止分号。