我使用MySQLi进行一些数据库处理,我不明白为什么我的代码无效。
// new connection
$mysqli = new mysqli(
$config['database']['connect']['host'],
$config['database']['connect']['username'],
$config['database']['connect']['password'],
$config['database']['connect']['name']
);
// verify connection
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// create prepared statement
if ($stmt = $mysqli->prepare('SELECT password FROM login_users WHERE user_name = ? LIMIT 1')) {
$stmt->bind_param('s', $username);
$username = 'gooduser';
$password = md5('goodpass');
$stmt->execute();
$stmt->store_result();
$_SESSION['messages'][] = 'Num rows: ' . $stmt->num_rows;
$stmt->bind_result($pass);
$_SESSION['messages'][] = 'Line 67';
while ($stmt->fetch()) {
$_SESSION['messages'][] = 'Line 69';
if ($password == $pass) {
$_SESSION['messages'][] = 'Success!';
}
else {
$_SESSION['messages'][] = 'Bad pass';
}
}
$_SESSION['messages'][] = 'Line 77';
header('Location: ' . $_SESSION['redirect']);
$stmt->close();
}
$mysqli->close();
使用“gooduser”和“goodpass”的用户名,这应该返回正确的行,它应该从那里开始工作。请注意$ _SESSION ['messages']是我的消息跟踪器。输出消息时,我得到了这个输出:
Num rows: 0
Line 67
Line 77
它正在跳过while循环,因为Num行为0。 当通过查询更改片段以不使用绑定参数时,它可以工作:
// create prepared statement
if ($stmt = $mysqli->prepare('SELECT password FROM login_users WHERE user_name = "gooduser" LIMIT 1')) {
//$stmt->bind_param('s', $username);
//$username = 'gooduser';
$password = md5('goodpass');
返回:
Num rows: 1
Line 67
Line 69
Success!
Line 77
有人在乎解释我在这里做错了什么吗?我正在尝试制作一个简单的登录脚本。
编辑:这是表结构:
-- Table structure for table `login_users`
--
CREATE TABLE `login_users` (
`user_id` int(11) NOT NULL auto_increment,
`user_name` varchar(30) NOT NULL default '',
`password` varchar(70) NOT NULL default '',
PRIMARY KEY (`user_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=5 ;
更新:通过各种来源,尽管文档说明了v4.1,但看起来像v4.1.3中提供了MySQLi的完整功能集。某些功能有效,但其他功能(如bind_param)则不然。我已经和我的主人谈过了,我希望升级到最新版本。
答案 0 :(得分:0)
在致电$username = 'gooduser';
之前,您需要设置$stmt->bind_param('s', $username);
,经过测试并且有效。
EDIT 对我来说,下面的工作,请复制粘贴到你的文件,看看你得到什么输出
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
// new connection
$mysqli = new mysqli(
$config['database']['connect']['host'],
$config['database']['connect']['username'],
$config['database']['connect']['password'],
$config['database']['connect']['name']
);
// verify connection
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// create prepared statement
if ($stmt = $mysqli->prepare('SELECT password FROM login_users WHERE user_name = ? LIMIT 1')) {
$username = 'gooduser';
$password = md5('goodpass');
$stmt->bind_param('s', $username);
$stmt->execute();
$stmt->store_result();
$_SESSION['messages'][] = 'Num rows: ' . $stmt->num_rows;
$stmt->bind_result($pass);
$_SESSION['messages'][] = 'Line 67';
while ($stmt->fetch()) {
$_SESSION['messages'][] = 'Line 69';
if ($password == $pass) {
$_SESSION['messages'][] = 'Success!';
}
else {
$_SESSION['messages'][] = 'Bad pass';
}
}
$_SESSION['messages'][] = 'Line 77';
//header('Location: ' . $_SESSION['redirect']);
$stmt->close();
}
$mysqli->close();
var_dump($_SESSION);
返回:
array(1) {
["messages"]=>
array(5) {
[0]=>
string(11) "Num rows: 1"
[1]=>
string(7) "Line 67"
[2]=>
string(7) "Line 69"
[3]=>
string(8) "Success!"
[4]=>
string(7) "Line 77"
}
}