Jim Lucas wrote:
> Jason Carson wrote:
>>> Hello everyone,
>>>
>>> I am having a problem getting my prepared statements working. Here is my
>>> setup...
>>>
>>> index.php -> authenticate.php -> admin.php
>>>
>>> 1)index.php has a login form on it so when someone enters their username
>>> the form redirects to another page I call authenticate.php.
>>>
>>> 2)In the authenticate.php file I want to use prepared statements to
>>> interact with the MySQL database. I want to compare the username
>>> submitted
>>> from the form with the username in the database.
>>>
>>> 3)If the login username was legitimate then you are forwarded to
>>> admin.php
>>>
>>> Its step 2 I am having problems with. Here is what I have but I don't
>>> think it makes any sense and it doesn't work.
>>>
>>>
>>> $link = mysqli_connect($hostname, $dbusername, $password, $database);
>>> $stmt = mysqli_prepare($link, "SELECT * FROM administrators WHERE
>>> adminusers=?");
>>> mysqli_stmt_bind_param($stmt, 's', $username);
>>> $result = mysqli_stmt_execute($stmt);
>>>
>>> $count=mysqli_num_rows($result);
>>>
>>> if($count==1){
>>> header("location:admin.php");
>>> } else {
>>> echo "Failure";
>>> }
>>>
>>> Any help is appreciated.
>>>
>>>
>>> --
>>> PHP General Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>>
>> For anyone reading this thread, here is the final code that I used...
>>
>> $link = mysqli_connect($hostname, $username, $password, $database);
>> $stmt = mysqli_prepare($link, "SELECT * FROM administrators WHERE
>> adminusers=?);
>> mysqli_stmt_bind_param($stmt, "s", $adminuser);
>> mysqli_stmt_execute($stmt);
>> mysqli_stmt_store_result($stmt);
>> $count = mysqli_stmt_num_rows($stmt);
>>
>> if($count==1){
>> header("location:admin.php");
>> } else {
>> echo "Failure";
>> }
>>
>>
>
> I hope not, because you have a parse error on your second line,
> mysqli_prepare()
>
> Might want to close your double-quoted string
>
> --
> Jim Lucas
Not to mention that I don't see $adminuser defined anywhere. If its
from a form and register_globals are off, maybe $_POST['adminuser'].
--
Thanks!
-Shawn
http://www.spidean.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
