Jason Carson wrote:
Hello everyone, I am having a problem getting my prepared statements working. Here is my setup... index.php -> authenticate.php -> admin.php 1)index.php has a login form on it so when someone enters their username the form redirects to another page I call authenticate.php. 2)In the authenticate.php file I want to use prepared statements to interact with the MySQL database. I want to compare the username submitted from the form with the username in the database. 3)If the login username was legitimate then you are forwarded to admin.php Its step 2 I am having problems with. Here is what I have but I don't think it makes any sense and it doesn't work. $link = mysqli_connect($hostname, $dbusername, $password, $database); $stmt = mysqli_prepare($link, "SELECT * FROM administrators WHERE adminusers=?"); mysqli_stmt_bind_param($stmt, 's', $username); $result = mysqli_stmt_execute($stmt); $count=mysqli_num_rows($result); if($count==1){ header("location:admin.php"); } else { echo "Failure"; } Any help is appreciated. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.phpFor anyone reading this thread, here is the final code that I used... $link = mysqli_connect($hostname, $username, $password, $database); $stmt = mysqli_prepare($link, "SELECT * FROM administrators WHERE adminusers=?); mysqli_stmt_bind_param($stmt, "s", $adminuser); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); $count = mysqli_stmt_num_rows($stmt); if($count==1){ header("location:admin.php"); } else { echo "Failure"; }
I hope not, because you have a parse error on your second line, mysqli_prepare() Might want to close your double-quoted string -- Jim Lucas -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
