我知道这与num_rows部分有关,但经过多次尝试,我仍然无法弄清楚这一点。基本上,无论我输入什么,我都会收到"登录失败"的消息。如果我的登录是正确的,我收到登录失败,登录正确。我显然只希望如果用户名/密码不正确的错误。提前感谢任何帮助!
else if(!$error_msg && $_POST['login']){
//Build the SQL query to match the record that matches the password and username
$sql = "SELECT id, username, password_1 FROM members WHERE username = ? AND password_1 = ? LIMIT 1";
//Prepare our query
if($stmt = $mysqli->prepare($sql)){
//Bind the Parameters to the query
$stmt->bind_param('ss', $username, $password_1);
//Execute the query
$result = $stmt->execute();
//If the query doesn't execute
if($result === false){
echo '<p class="error">No Execution</p>';
}
//Bind the results of what the query gave us to our three variables
$stmt->bind_result($id, $username, $password_1);
if($stmt->num_rows !== 1){
echo '<p class="error">Login failed</p>';
}
while($stmt->fetch()){
echo "Hey The query matched a record and you should be signed in now";
echo $id;
echo $username;
echo $password_1;
}//End While
else{
echo $mysqli->error;
echo "No entry found";
}
$mysqli->close();
}
尝试一下,在我的服务器上工作。
你的一些条件语句丢失了,但我相信你可以把它们合并进去。
<?php
DEFINE ('DB_USER', 'xxx');
DEFINE ('DB_PASSWORD', 'xxx');
DEFINE ('DB_HOST', 'xxx');
DEFINE ('DB_NAME', 'xxx');
$mysqli = @mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
OR die("could not connect");
$username = "username"; // replace with actual
$password_1 = "password"; // replace with actual
$sql = "SELECT id, username, password_1 FROM members WHERE username = ? AND password_1 = ? LIMIT 1";
if($stmt = $mysqli->prepare($sql)){
$stmt->bind_param('ss',$username,$password_1);
/* execute query */
$stmt->execute();
/* Store the result (to get properties) */
$stmt->store_result();
/* Get the number of rows */
$num_of_rows = $stmt->num_rows;
/* Bind the result to variables */
$stmt->bind_result($id, $username, $password_1);
if($stmt->num_rows !== 1){
echo '<p class="error">Login failed</p>';
}
while ($stmt->fetch()) {
echo 'ID: '.$id.'<br>';
echo 'Name: '.$username.'<br>';
echo 'Password: '.$password_1.'<br>';
}
/* free results */
$stmt->free_result();
/* close statement */
$stmt->close();
}
/* close connection */
$mysqli->close();