I am trying to use MySQLi with my website and I am writting a login script. Now i have a problem with num_rows always returning value 0
So this is my code
if($query = $mysqli->prepare("SELECT 'password','ban' FROM users WHERE 'username'=? LIMIT 1")){
$query->bind_param('s', $username);
$query->execute();
$query->bind_result($db_password,$ban);
$query->store_result();
$query->fetch();
$numrows = $query->num_rows;
if($numrows == 1){
if($ban == 0)
{
if($db_password == $password)
{
$_SESSION['login'] = 'ok';
//$_SESSION['id'] = $id;
//$_SESSION['realname'] = preg_replace("/[^a-zA-Z0-9_\-]+/","",$realname);
header("Location: /ematura/index.php");
$query->close();
}else{
die("Napaka");
}
}else{
die("Račun zaklenjen");
}
}
My question is, why is num_rows always 0, even though the user exists?
列名不应使用单引号或双引号引起来,而是可以使用反引号(`)
SELECT `password`,`ban` FROM users WHERE `username`=? LIMIT 1
I don't think you are binding correctly, try changing to: $query->bind_param(1, $username);
From: http://php.net/manual/en/pdostatement.bindparam.php
public bool PDOStatement::bindParam ( mixed $parameter , mixed &$variable [, int $data_type = PDO::PARAM_STR [, int $length [, mixed $driver_options ]]] )
parameter
Parameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.