如何在使用prepare和execute语句后使用mysqli_fetch_array访问结果?

时间:2017-06-29 06:30:32

标签: php mysqli prepared-statement

此代码片段发出警告:mysqli_fetch_array()要求参数1为mysqli_result,给定布尔值。

$sql =$conn->prepare("SELECT password FROM users WHERE username =?");
$sql->bind_param("s",$pass);
$result=$sql->execute();
$row=mysqli_fetch_array($result);
  if(password_verify($pass,$row[0])&&mysqli_num_rows($result)==1) 
  {
  $_SESSION['username']=$user;
  $_SESSION['success']="Logged in Successfully";
  header("location: notice.php");
  } 
  else 
    $submitErr="Your login credentials are incorrect";

1 个答案:

答案 0 :(得分:0)

use :
$stmt =$conn->prepare("SELECT password FROM users WHERE username =?");
$stmt->bind_param("s",$input_username); //bind the query with input parameter user name
$stmt->execute();
$result=$stmt->store_result();
$stmt->bind_result($selected_password)
$num_row = $stmt->num_rows;
if($num_row > 0)
{
  $stmt->fetch(); // here you will get your selected password
  if(password_verify($input_password,$selected_password))
  {
     //Your action is password verification done
  }
  else
  {
    //wrong password action
  }
}
else
{
   // wrong username password action
}
相关问题
最新问题