php - Prepared statements and mysqli_query / mysqli_num_rows? -


i trying find out how make code work prepared statements. understood entire process commented code. have in order integrate num_rows , mysqli_query part properly?

function login_check() {      global $connection;      $name = $_post['name'];     $password = $_post['password'];      $query = "select id members name = $name , password = $password";     $stmt = $connection->prepare($query);     $stmt->bind_param('ss', $name, $password);      $stmt->execute();     $stmt->close();      // $result = mysqli_query($connection, $query);     // $rows = mysqli_num_rows($result);      if($rows > 0){         header('location:../../success.php');         exit;     }      else {         header('location:../../failed.php');         exit;     } } 

what tried:

$result = mysqli_query($connection, $stmt); $rows = mysqli_num_rows($result); 

change

$query = "select id members name = $name , password = $password"; 

to

$query = "select `id` `members` `name` = ? , `password` = ?"; 

adding backticks around table , columns prevents mysql reserved words error.

remove $stmt->close();

if( $stmt->num_rows > 0 ) {     $stmt->close();     header('location:../../success.php');     exit(); } else {     $stmt->close();     header('location:../../failed.php');     exit(); } 

adding $stmt->close() inside if statement before header best practice in case. becasue adding before if statement result in $stmt->num_rows returning 0; adding after if statment won't work because exit() prefent executing.

from documentation:

closes prepared statement. mysqli_stmt_close() deallocates statement handle. if current statement has pending or unread results, function cancels them next query can executed.


Comments

Popular posts from this blog

java - UnknownEntityTypeException: Unable to locate persister (Hibernate 5.0) -

python - ValueError: empty vocabulary; perhaps the documents only contain stop words -

ubuntu - collect2: fatal error: ld terminated with signal 9 [Killed] -