douluan5523 2017-02-09 10:40
浏览 346
已采纳

PHP - 获取sql select查询返回的行数

I would like to get the number of lines returned by a select query in PHP. I have the following code:-

$connection = new mysqli($server_name, $server_login, $server_password, $dbName);

if (!$connection) {
    echo "error";
    die("Connection failed. ".mysqli_connect_error())
}

//...

$command = "SELECT player_id FROM Player WHERE player_login = '" . $login."' AND player_password= '".$password."' ";

$result = mysqli_query($connection, $command);
echo num_rows($result);

I also tried with mysqli_stmt_num_rows() and mysqli_num_rows() but my result is always null (no result actually).

Do you know why ? Thanks.

  • 写回答

3条回答 默认 最新

  • dongpan2788 2017-02-09 10:53
    关注

    There are a few ways to get the number of rows returned, the most common ones are to run COUNT(*) in MySQL, but there's also mysqli_num_rows($result) (not num_rows() like you used, unless you created that function yourself). mysqli_stmt_num_rows() will only work when you're using prepare() instead of query().

    In ordre to use COUNT(*) you have to run and fetch the query first, while mysqli_num_rows() is a constant returned by the MySQLiResult object, which you can use if the query didn't fail.

    I modified the piece of code you've got to check if the query actually succeeded, mysqli_num_rows() won't work if the query failed.

    $command = "SELECT player_id FROM Player WHERE player_login = '" . $login."' AND player_password= '".$password."' ";

if ($result = mysqli_query($connection, $command)) {
    echo mysqli_num_rows($result);
} else {
    /* Query failed */
    echo "There was an error with the query: $command";
    echo "<br />".mysqli_error($connect);
}

    Or you can use COUNT(*), but then you'll have to fetch the results first.

    $command = "SELECT player_id, COUNT(*) as cnt FROM Player WHERE player_login = '" . $login."' AND player_password= '".$password."' ";

if ($result = mysqli_query($connection, $command)) {
    $row = mysqli_fetch_assoc($result);
    echo $row['cnt'];
} else {
    /* Query failed */
    echo "There was an error with the query: $command";
    echo "<br />".mysqli_error($connect);
}

    You should also note that this query is vulnerable to SQL injection, you should learn how to use prepared statements with placeholders to protect yourself against that. The manual on prepare() is a good place to start with that.

    You also seem to be storing passwords either in plain-text, or with poor methods (such as md5 or sha1). PHP offer's a built-in function, password_hash()/password_verify() which you should use. If you're below PHP version 5.5, these functions aren't native, but there's a compability pack which can be used instead.

    As a final note, mixing object oriented and procedural code will technically work (as the procedural ones in reality call the object oriented ones), but it's considered bad practice. If you connect with an object, continue to use object-oriented code.

    References

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 如何让企业微信机器人实现消息汇总整合
  • ¥50 关于#ui#的问题:做yolov8的ui界面出现的问题
  • ¥15 如何用Python爬取各高校教师公开的教育和工作经历
  • ¥15 TLE9879QXA40 电机驱动
  • ¥20 对于工程问题的非线性数学模型进行线性化
  • ¥15 Mirare PLUS 进行密钥认证?(详解)
  • ¥15 物体双站RCS和其组成阵列后的双站RCS关系验证
  • ¥20 想用ollama做一个自己的AI数据库
  • ¥15 关于qualoth编辑及缝合服装领子的问题解决方案探寻
  • ¥15 请问怎么才能复现这样的图呀