问题描述

我一直在尝试使用准备好的语句在PHP中编写登录表单，但是每次尝试登录时，都会出现以下错误:

I’ve been trying to code a login form in PHP using a prepared statement but every time I try to log in I get the following error:

这是我的代码:

<?php
session_start();

$mysqli = new mysqli("localhost", "root" , "" , "security");
if(mysqli_connect_errno()){
    echo "Wrong" ;
}
if($stmt = $mysqli->prepare("SELECT username AND password FROM users WHERE username =? AND password =?")){
    $username = $_POST['name'];
    $password = $_POST['password'];
    $stmt->bind_param('ss' ,$username ,$password);
    $stmt->execute();
    $stmt->bind_result($password ,$username);
    if($stmt->fetch() == 'true')
    {
        echo "welcome";
    } else{
        echo "wrong password";
    }
}
?>

有人可以告诉我为什么会这样吗?

Can someone tell me why this is happening?

推荐答案

如果这确实是您的代码，则可能$ _POST ["name"]或$ _POST ["password"]是一个数组，因此bind_param绑定多个值.

If that really is your code, it may be that either $_POST["name"] or $_POST["password"] is an array, so that bind_param binds more than just one value.

检查:

var_dump($_POST["name"]);
var_dump($_POST["password"]);

这篇关于mysqli_stmt :: bind_result():绑定变量的数量与准备好的语句中的字段数量不匹配的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！