Mysqli准备语句错误?

时间:2014-08-08 17:42:06

标签: php mysqli

我用准备好的陈述遇到了这个错误,我刚刚开始准备好的陈述,所以请轻松告诉我,这是错误:

  

警告:mysqli_stmt :: bind_result():绑定变量的数量与第31行的C:\ wamp \ www \ darkhorizo​​ns \ login.php中预准备语句中的字段数不匹配

继承我的代码:

if (isset($_POST['submit'])){

$username = $_POST['username'];
$password = $_POST['password'];

if(isset($username) && isset($password)) {

   $mysqli = new mysqli("localhost","root","","phplogin") or die("Couldnt connect!");
    if(mysqli_connect_errno()){
        echo "Connection failed: ". mysqli_connect_errno();
        exit();
    }

    if($stmt = $mysqli -> prepare("SELECT * FROM users WHERE username =? AND password      =? LIMIT 1")){
    $stmt -> bind_param("ss", $username, $password);
    $stmt -> execute();

    $stmt -> bind_result($result);
    $stmt -> fetch();



    $numrows = mysqli_num_rows($result);

} else {
    die("Please enter a username and password!");
}

if($numrows == 1){

    $_SESSION['username'] = $_POST['username'];
    $_SESSION['loggedin'] = true ;

    $query = "SELECT adminflag FROM users WHERE username = '{$_SESSION['username']}' LIMIT 1;";
    $result2 = mysqli_query($connect, $query);
    $numrows2 = mysqli_num_rows($result2);

    if ($numrows2 == 1) {
        $_SESSION['isadmin'] = true;
    }

    header("Location: {$pageLoc}");
    exit(); //It's good to use exit or die (same thing) AFTER using header to redirect

} else {


}

    }
    }

作为旁注,请忽略准备好的声明下面的代码中的任何错误,重新编写我一直用来学习的登录脚本。

1 个答案:

答案 0 :(得分:2)

通过你的代码,你真的不需要两次查询你的数据库,你应该阅读同一个选择中的adminflag

SELECT *永远不是一个好主意,总是选择特定字段。

我也注意到你使用的是两种不同的风格,我建议你坚持使用面向对象的方法。

<?php
if (isset($_POST['submit'], $_POST['username'] , $_POST['password'])){

$username = $_POST['username'];
$password = $_POST['password'];

$mysqli = new mysqli("localhost","root","","phplogin");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$query = "SELECT adminflag FROM users WHERE username = ? AND password = ? LIMIT 1";
if ($stmt = $mysqli->prepare($query)) {
    $stmt -> bind_param("ss", $username, $password);
    $stmt->execute();

        $stmt->store_result();
        $numrows = $stmt->num_rows;
        printf("Number of rows: %d.\n", $numrows );

    if($numrows == 1){
        $stmt->bind_result($admin_flag);
        $stmt->fetch();
        session_start();
        if ($admin_flag== 1) {
            $_SESSION['isadmin'] = true;
        }
        $_SESSION['username'] = $username;
        $_SESSION['loggedin'] = true ;
        header("Location: {$pageLoc}");
    }else{
        echo 'user not found';
    }

}
$stmt->close();
$mysqli->close();
}else{
    echo 'required field missing';
}
?>
相关问题
最新问题