MySQLi SELECT bound params not returning a row
I am using MySQLi for some database handling and I don't understand why my code isn't working.
// new connection
$mysqli = new mysqli(
$config['database']['connect']['host'],
$config['database']['connect']['username'],
$config['database']['connect']['password'],
$config['database']['connect']['name']
);
// verify connection
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// create prepared statement
if ($stmt = $mysqli->prepare('SELECT password FROM login_users WHERE user_name = ? LIMIT 1')) {
$stmt->bind_param('s', $username);
$username = 'gooduser';
$password = md5('goodpass');
$stmt->execute();
$stmt->store_result();
$_SESSION['messages'][] = 'Num rows: ' . $stmt->num_rows;
$stmt->bind_result($pass);
$_SESSION['messages'][] = 'Line 67';
while ($stmt->fetch()) {
$_SESSION['messages'][] = 'Line 69';
if ($password == $pass) {
$_SESSION['messages'][] = 'Success!';
}
else {
$_SESSION['messages'][] = 'Bad pass';
}
}
$_SESSION['messages'][] = 'Line 77';
header('Location: ' . $_SESSION['redirect']);
$stmt->close();
}
$mysqli->close();
With a username of "gooduser" and "goodpass", this should return the correct row and it should work from there. Note that $_SESSION['messages'] is my message tracker. When outputting the messages, I get this output:
Num rows: 0
Line 67
Line 77
It is skipping the while-loop because Num rows is 0. When changing the snippet by the query to not use bound params, it works:
// create prepared statement
if ($stmt = $mysqli->prepare('SELECT password FROM login_users WHERE user_name = "gooduser" LIMIT 1')) {
//$stmt->bind_param('s', $username);
//$username = 'gooduser';
$password = md5('goodpass');
This returns:
Num rows: 1
Line 67
Line 69
Success开发者_如何转开发!
Line 77
Anyone care to explain what I am doing wrong here? I am attempting to make a simple login script.
EDIT: Here is the table structure:
-- Table structure for table `login_users`
--
CREATE TABLE `login_users` (
`user_id` int(11) NOT NULL auto_increment,
`user_name` varchar(30) NOT NULL default '',
`password` varchar(70) NOT NULL default '',
PRIMARY KEY (`user_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=5 ;
UPDATE: Through various sources, it looks like the full feature set of MySQLi is available in v4.1.3, despite the documentation stating v4.1. Some features work, but others (such as bind_param) do not. I've already talked to my host and I am looking to upgrade to the latest version.
You need to set $username = 'gooduser'; before you call $stmt->bind_param('s', $username);
, tested and works .
EDIT for me the following works , please copy paste it over you're file and see what output you get
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
// new connection
$mysqli = new mysqli(
$config['database']['connect']['host'],
$config['database']['connect']['username'],
$config['database']['connect']['password'],
$config['database']['connect']['name']
);
// verify connection
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// create prepared statement
if ($stmt = $mysqli->prepare('SELECT password FROM login_users WHERE user_name = ? LIMIT 1')) {
$username = 'gooduser';
$password = md5('goodpass');
$stmt->bind_param('s', $username);
$stmt->execute();
$stmt->store_result();
$_SESSION['messages'][] = 'Num rows: ' . $stmt->num_rows;
$stmt->bind_result($pass);
$_SESSION['messages'][] = 'Line 67';
while ($stmt->fetch()) {
$_SESSION['messages'][] = 'Line 69';
if ($password == $pass) {
$_SESSION['messages'][] = 'Success!';
}
else {
$_SESSION['messages'][] = 'Bad pass';
}
}
$_SESSION['messages'][] = 'Line 77';
//header('Location: ' . $_SESSION['redirect']);
$stmt->close();
}
$mysqli->close();
var_dump($_SESSION);
returns :
array(1) {
["messages"]=>
array(5) {
[0]=>
string(11) "Num rows: 1"
[1]=>
string(7) "Line 67"
[2]=>
string(7) "Line 69"
[3]=>
string(8) "Success!"
[4]=>
string(7) "Line 77"
}
}
加载中,请稍侯......
精彩评论