I am receiving the following error:
Warning: mysqli_stmt_bind_result(): Number of bind variables doesn't match number of fields in prepared statement in line 48
Below is line 48
mysqli_stmt_bind_result($stmt, $user_email, $user_pass);
Below is a larger portion of the code
// Using mysql_real_escape_string to ensure that the statements are legal SQL statements that can be stored
$email = mysqli_real_escape_string($con, $_POST['email']);
$password = mysqli_real_escape_string($con, $_POST['password']);
/*
Using Prepared statement to prevent SQL Injection
*/
// Create a perepared statement
if($stmt = mysqli_prepare($con, "SELECT * from admins WHERE user_email=? AND user_pass=?")) {
// Bind the paramaters
mysqli_stmt_bind_param($stmt, "ss", $email, $password);
// Execute the query
mysqli_stmt_execute($stmt);
/*
Usually we would bind the result to be able to retrieve their given value
However, in this case we are not interested in retrieving values from the database
*/
/* fetch value */
mysqli_stmt_fetch($stmt);
/* bind result variables */
mysqli_stmt_bind_result($stmt, $user_email, $user_pass);
echo $user_email;
The connection is properly established and even without condition set in the myqsli_prepare query i still retrieve the same error.
Any help would be greatly appreciated.
The problem is at select you are selecting more than 2 columns and only bind 2 in mysqli_stmt_bind_result
, in other words the numbers of columns in select must be the same number of variables in mysqli_stmt_bind_result
To fix, change
SELECT * from admins WHERE user_email=? AND user_pass=?
To:
SELECT user_mail, user_pass from admins WHERE user_email=? AND user_pass=?"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.