I am trying to create a login page, but I'm having some issues using prepared statements to secure the login. I have the following code:
$sql = "SELECT * FROM users WHERE user_email=?";
$stmt = mysqli_stmt_prepare($db, $sql);
mysqli_stmt_bind_param($stmt, "s", $email);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
The problem occurs when checking if the result check variable is less than 1. It shouldn't be 0, but it is. I don't understand why, as the database has an email with the value test@test.com
, but when trying to enter that the $resultCheck
variable still returns 0. I'm guessing it has to do with the prepared statements.