Why don't using consider using PDO for this purpose? Examples can be found here: http://au.php.net/manual/en/pdo.prepare.php On Sun, Jul 12, 2009 at 2:52 PM, Daniel Brown <danbrown@xxxxxxx> wrote: > [Redirected to PHP-DB: php-db@xxxxxxxxxxxxx] > > > On Sun, Jul 12, 2009 at 00:31, Jason Carson<jason@xxxxxxxxxxxxxx> wrote: > > Hello everyone, > > > > I am having a problem getting my prepared statements working. Here is my > > setup... > > > > index.php -> authenticate.php -> admin.php > > > > 1)index.php has a login form on it so when someone enters their username > > the form redirects to another page I call authenticate.php. > > > > 2)In the authenticate.php file I want to use prepared statements to > > interact with the MySQL database. I want to compare the username > submitted > > from the form with the username in the database. > > > > 3)If the login username was legitimate then you are forwarded to > admin.php > > > > Its step 2 I am having problems with. Here is what I have but I don't > > think it makes any sense and it doesn't work. > > > > > > $link = mysqli_connect($hostname, $dbusername, $password, $database); > > $stmt = mysqli_prepare($link, "SELECT * FROM administrators WHERE > > adminusers=?"); > > mysqli_stmt_bind_param($stmt, 's', $username); > > $result = mysqli_stmt_execute($stmt); > > > > $count=mysqli_num_rows($result); > > > > if($count==1){ > > header("location:admin.php"); > > } else { > > echo "Failure"; > > } > > > > Any help is appreciated. > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > -- > </Daniel P. Brown> > daniel.brown@xxxxxxxxxxxx || danbrown@xxxxxxx > http://www.parasane.net/ || http://www.pilotpig.net/ > Check out our great hosting and dedicated server deals at > http://twitter.com/pilotpig > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
