dongqiangou5724 2018-02-11 17:31
浏览 117
已采纳

为什么mysqli_stmt_num_rows函数返回0?

I am trying to create a login page, but I'm having some issues using prepared statements to secure the login. I have the following code:

$sql = "SELECT * FROM users WHERE user_email=?";
$stmt = mysqli_stmt_prepare($db, $sql);
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);

The problem occurs when checking if the result check variable is less than 1. It shouldn't be 0, but it is. I don't understand why, as the database has an email with the value test@test.com, but when trying to enter that the $resultCheck variable still returns 0. I'm guessing it has to do with the prepared statements.

  • 写回答

1条回答 默认 最新

  • dongying6896 2018-02-11 19:05
    关注

    The client has no idea how many rows are in the result until they are fetched.

    You can make the client pre-fetch all rows of the result by using mysqli_stmt_store_result(). Then you can use num-rows. 

    $sql = "SELECT * FROM users WHERE user_email=?";
$stmt = mysqli_prepare($db, $sql);
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);

echo "result num_rows = $resultCheck
";

    This echo correctly produces the answer "1".

    But if you do use store-result, for some reason you can't also use get-result. So you can't use result methods like fetch_assoc — you have to bind_result into variables by reference and use fetch().

    By the way, mysqli_stmt_prepare() takes a statement object as its first argument, not the $db connection. Whereas mysqli_prepare() takes a connection object. Again, a confusing usage of mysqli functions.

    I don't like mysqli. It's hard to use and has confusing traps of inexplicable behavior. I don't like how bind_param and bind_result make my code seem cluttered.

    I prefer using PDO. It's much easier.

    $sql = "SELECT * FROM users WHERE user_email=?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$email]);
$result = $stmt->fetchAll();
$rowCount = $stmt->rowCount();
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 smptlib使用465端口发送邮件失败
  • ¥200 总是报错,能帮助用python实现程序实现高斯正反算吗?有偿
  • ¥15 对于squad数据集的基于bert模型的微调
  • ¥15 为什么我运行这个网络会出现以下报错?CRNN神经网络
  • ¥20 steam下载游戏占用内存
  • ¥15 CST保存项目时失败
  • ¥15 树莓派5怎么用camera module 3啊
  • ¥20 java在应用程序里获取不到扬声器设备
  • ¥15 echarts动画效果的问题,请帮我添加一个动画。不要机器人回答。
  • ¥15 Attention is all you need 的代码运行