Re: [PHP-DB] Re: [PHP] A prepared statements question
Why don't using consider using PDO for this purpose? Examples can be found
here: http://au.php.net/manual/en/pdo.prepare.php
On Sun, Jul 12, 2009 at 2:52 PM, Daniel Brown danbr...@php.net wrote:
[Redirected to PHP-DB: php...@lists.php.net]
On Sun, Jul 12, 2009 at 00:31, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am having a problem getting my prepared statements working. Here is my
setup...
index.php - authenticate.php - admin.php
1)index.php has a login form on it so when someone enters their username
the form redirects to another page I call authenticate.php.
2)In the authenticate.php file I want to use prepared statements to
interact with the MySQL database. I want to compare the username
submitted
from the form with the username in the database.
3)If the login username was legitimate then you are forwarded to
admin.php
Its step 2 I am having problems with. Here is what I have but I don't
think it makes any sense and it doesn't work.
$link = mysqli_connect($hostname, $dbusername, $password, $database);
$stmt = mysqli_prepare($link, SELECT * FROM administrators WHERE
adminusers=?);
mysqli_stmt_bind_param($stmt, 's', $username);
$result = mysqli_stmt_execute($stmt);
$count=mysqli_num_rows($result);
if($count==1){
header(location:admin.php);
} else {
echo Failure;
}
Any help is appreciated.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
/Daniel P. Brown
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Check out our great hosting and dedicated server deals at
http://twitter.com/pilotpig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: [PHP] A prepared statements question
[Redirected to PHP-DB: php...@lists.php.net]
On Sun, Jul 12, 2009 at 00:31, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am having a problem getting my prepared statements working. Here is my
setup...
index.php - authenticate.php - admin.php
1)index.php has a login form on it so when someone enters their username
the form redirects to another page I call authenticate.php.
2)In the authenticate.php file I want to use prepared statements to
interact with the MySQL database. I want to compare the username submitted
from the form with the username in the database.
3)If the login username was legitimate then you are forwarded to admin.php
Its step 2 I am having problems with. Here is what I have but I don't
think it makes any sense and it doesn't work.
$link = mysqli_connect($hostname, $dbusername, $password, $database);
$stmt = mysqli_prepare($link, SELECT * FROM administrators WHERE
adminusers=?);
mysqli_stmt_bind_param($stmt, 's', $username);
$result = mysqli_stmt_execute($stmt);
$count=mysqli_num_rows($result);
if($count==1){
header(location:admin.php);
} else {
echo Failure;
}
Any help is appreciated.
The main problem is you are not testing your results. With that code
you do not even know if you have a connection or not. I'd say there is
a good chance you do not have error reporting enabled or you would have
picked up the error straight away.
mysqli_stmt_execute returns a boolean indicating success or failure.
You are trying to use it as a result set, which will not work. Replace:
$count=mysqli_num_rows($result);
with:
mysqli_stmt_store_result($stmt);
$count = mysqli_stmt_num_rows($stmt);
--
/Daniel P. Brown
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Check out our great hosting and dedicated server deals at
http://twitter.com/pilotpig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Niel Archer
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: [PHP] A prepared statements question
[Redirected to PHP-DB: php...@lists.php.net]
On Sun, Jul 12, 2009 at 00:31, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am having a problem getting my prepared statements working. Here is
my
setup...
index.php - authenticate.php - admin.php
1)index.php has a login form on it so when someone enters their
username
the form redirects to another page I call authenticate.php.
2)In the authenticate.php file I want to use prepared statements to
interact with the MySQL database. I want to compare the username
submitted
from the form with the username in the database.
3)If the login username was legitimate then you are forwarded to
admin.php
Its step 2 I am having problems with. Here is what I have but I don't
think it makes any sense and it doesn't work.
$link = mysqli_connect($hostname, $dbusername, $password, $database);
$stmt = mysqli_prepare($link, SELECT * FROM administrators WHERE
adminusers=?);
mysqli_stmt_bind_param($stmt, 's', $username);
$result = mysqli_stmt_execute($stmt);
$count=mysqli_num_rows($result);
if($count==1){
header(location:admin.php);
} else {
echo Failure;
}
Any help is appreciated.
The main problem is you are not testing your results. With that code
you do not even know if you have a connection or not. I'd say there is
a good chance you do not have error reporting enabled or you would have
picked up the error straight away.
mysqli_stmt_execute returns a boolean indicating success or failure.
You are trying to use it as a result set, which will not work. Replace:
$count=mysqli_num_rows($result);
with:
mysqli_stmt_store_result($stmt);
$count = mysqli_stmt_num_rows($stmt);
--
/Daniel P. Brown
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Check out our great hosting and dedicated server deals at
http://twitter.com/pilotpig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Niel Archer
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
That did it, everything is working now. Thank you very much :-)
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: [PHP] A prepared statements question
[Redirected to PHP-DB: php...@lists.php.net]
On Sun, Jul 12, 2009 at 00:31, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am having a problem getting my prepared statements working. Here is my
setup...
index.php - authenticate.php - admin.php
1)index.php has a login form on it so when someone enters their username
the form redirects to another page I call authenticate.php.
2)In the authenticate.php file I want to use prepared statements to
interact with the MySQL database. I want to compare the username submitted
from the form with the username in the database.
3)If the login username was legitimate then you are forwarded to admin.php
Its step 2 I am having problems with. Here is what I have but I don't
think it makes any sense and it doesn't work.
$link = mysqli_connect($hostname, $dbusername, $password, $database);
$stmt = mysqli_prepare($link, SELECT * FROM administrators WHERE
adminusers=?);
mysqli_stmt_bind_param($stmt, 's', $username);
$result = mysqli_stmt_execute($stmt);
$count=mysqli_num_rows($result);
if($count==1){
header(location:admin.php);
} else {
echo Failure;
}
Any help is appreciated.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
/Daniel P. Brown
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
Check out our great hosting and dedicated server deals at
http://twitter.com/pilotpig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
