Php 参数化查询未将值传递给$row数组
第一次在这里张贴海报。我有一个php登录脚本,但我的SQL查询不会将任何值传递给我的$row数组Php 参数化查询未将值传递给$row数组,php,mysqli,Php,Mysqli,第一次在这里张贴海报。我有一个php登录脚本,但我的SQL查询不会将任何值传递给我的$row数组 <?php require 'functions/security.php'; require('db/connection.php'); session_start(); if(isset($_POST['username'])) { $username = $_POST['username']; $password = $_POST['password'];
<?php
require 'functions/security.php';
require('db/connection.php');
session_start();
if(isset($_POST['username'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if($results = $db->query("SELECT userID, username, password
FROM users
WHERE username = ?")){
if($results->num_rows) {
$results->bind_param('s', $username);
$results->execute();
while($row = $results->fetch_row()) {
$userID = $row[0];
$dbUsername = $row[1];
$dbPassword = $row[2];
}
$results->free();
}
}
if($username == $dbUsername && password_verify($password, $dbPassword)) {
$_SESSION['username'] = $username;
$_SESSION['userID'] = $userID;
header('Location: index.php');
} else {
echo "<h2>Oops!</h2>";
}
}
?>
我已经看了bind_param的文档一段时间了;我对php非常陌生,所以很可能我遗漏了一些愚蠢的东西,但我一辈子都搞不清楚是什么
编辑
好吧,我没拿到结果。这就解决了这个问题。谢谢
您不能同时执行和查询。您案例中的query
应该是prepare
db->query("SELECT userID, username, password FROM users WHERE username = ?");
应该是
$stmt = $db->stmt_init();
$stmt->prepare("SELECT userID, username, password FROM users WHERE username = ?");
stmt
是使用连接准备查询时返回的对象
$conn= $db->stmt_init();
$stmt= $conn->prepare("SELECT userID, username, password
FROM users
WHERE username = ?");
$stmt->bind_param('s', $username);
$stmt->execute();
$stmt->bind_result($userID, $dbUsername, $dbPassword);
if($stmt->fetch()) {//notice you dont need a loop for single row
printf("%s %s %s", $userID, $dbUsername, $dbPassword);
}
...
谢谢你的评论。我尽了最大努力并实现了您的建议,但它仍然无法将结果绑定到我请求的字符串。我将在OP中发布编辑。您使用哪些SQL和工具?请添加此信息好吗?$db
与$conn
不匹配
$conn= $db->stmt_init();
$stmt= $conn->prepare("SELECT userID, username, password
FROM users
WHERE username = ?");
$stmt->bind_param('s', $username);
$stmt->execute();
$stmt->bind_result($userID, $dbUsername, $dbPassword);
if($stmt->fetch()) {//notice you dont need a loop for single row
printf("%s %s %s", $userID, $dbUsername, $dbPassword);
}
...