php - Prepared statements and mysqli_query / mysqli_num_rows? -
i trying find out how make code work prepared statements. understood entire process commented code. have in order integrate num_rows , mysqli_query part properly?
function login_check() { global $connection; $name = $_post['name']; $password = $_post['password']; $query = "select id members name = $name , password = $password"; $stmt = $connection->prepare($query); $stmt->bind_param('ss', $name, $password); $stmt->execute(); $stmt->close(); // $result = mysqli_query($connection, $query); // $rows = mysqli_num_rows($result); if($rows > 0){ header('location:../../success.php'); exit; } else { header('location:../../failed.php'); exit; } }
what tried:
$result = mysqli_query($connection, $stmt); $rows = mysqli_num_rows($result);
change
$query = "select id members name = $name , password = $password";
to
$query = "select `id` `members` `name` = ? , `password` = ?";
adding backticks around table , columns prevents mysql reserved words error.
remove $stmt->close()
;
if( $stmt->num_rows > 0 ) { $stmt->close(); header('location:../../success.php'); exit(); } else { $stmt->close(); header('location:../../failed.php'); exit(); }
adding $stmt->close()
inside if statement before header best practice in case. becasue adding before if statement result in $stmt->num_rows
returning 0; adding after if statment won't work because exit()
prefent executing.
from documentation:
closes prepared statement. mysqli_stmt_close() deallocates statement handle. if current statement has pending or unread results, function cancels them next query can executed.
Comments
Post a Comment