出于某种原因,尽管我确定输入的密码和用户名正确,但我的prepare语句似乎未返回任何行或登录。当运行不带prepare语句的代码时,系统将登录。有人会碰巧知道为什么我的prepare语句不起作用,还是应该使用其他方法?

<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
    <title>Logged in</title>
</head>
<body>
    <?php

        $user=$_GET["username"];
        $pass=$_GET["password"];


        $servername="localhost";
        $username="root";
        $password="";
        $dbName="db_artzytest";

        $conn=new mysqli($servername, $username, $password, $dbName);

        if($conn->connect_error){
            echo $conn->connect_error;
            die("connection to server not found");
        }else{
            echo "connection established";
        }
        ///finds account with matching login info
        $sql="SELECT * FROM db_users WHERE username='{$user}' AND password='{$pass}' ";


        $sql="SELECT * FROM db_users WHERE username = ? AND password = ?";


        try{
            $stmt = $conn->prepare($sql);
            $stmt->bind_param("ss", $user, $pass);
            $stmt->execute();
      }catch(Exception $e){
          die("prepare failed: " . $e);
      }
        echo 'here';
        //$result = $stmt->store_result();

        printf("Number of rows: %d. \n", $stmt->num_rows);

        //$result=$conn->query($sql);
        echo 'here';
        if( mysqli_num_rows($result) > 0 ){

            while($row=mysqli_fetch_assoc($result)){
                //only logs in if the account is activated
                if($row["isActivated"]==1){

                    $_SESSION["currentUser"]=$user;
                    $_SESSION["currentId"]=$row["id"];
                    $_SESSION["currentPass"]=$pass;

                    //header( 'Location: ../ProfilePage/profilePage.php' );
                    header( 'Location: ../Content/displayGroup.php?group=general' );
                }else{
                    $_SESSION["m_Login"]="Unverified Account. Check your email to verify.";
                    header('Location: Login.php');
                }
            }
            /*
            $sql=" SELECT * FROM table_images WHERE userid = {$_SESSION["currentId"]} ";

            $result=$conn->query($sql);

            if(mysqli_num_rows($result) > 0){
                while($row=mysqli_fetch_assoc($result)){
                    echo "<img style='height: 10vh; width: 10vw;' src='../../images/{$row["id"]}.jpg' />";
                    echo "{$row["imageName"]}</br>";
                }
            }
            */

        }else{
            $_SESSION["m_Login"]="password or username incorrect {$user} {$pass}"  . var_dump(mysqli_stmt_get_result($stmt) );
            header('Location: Login.php');
            echo "no user found";
        }

    ?>
</body>
</html>

最佳答案

您将OO和procdeural混合使用,所以我将假定这是导致您的代码无法按预期执行的原因。

该文档指出:


  仅限于过程样式:mysqli_query(),mysqli_store_result()或mysqli_use_result()返回的结果集标识符。


更改,

if( mysqli_num_rows($result) > 0 ){


至,

if($stmt->num_rows($result) > 0 ) {


那应该解决问题。

关于php - 为什么我的prepare语句不起作用?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/45777042/

10-13 08:37