so I'm not sure what's wrong here, I've tried doing this multiple ways, and I can't get it to work, I followed the manual but it doesn't seem to change, i have a simple login.php ,I've checked my query already but it works on mysql, i have error reporting on, what I suspect is that it might be because I'm testing this on WAMP server, but im not sure if that has anything to do please help.
EDITED
<?php
session_start();
ERROR_REPORTING( E_ALL | E_STRICT );
ini_set('display_errors',1);error_reporting(-1);
include_once 'UniversalConnect.php';
class login{
public function __construct()
{
$this->dologin();
}
private function dologin()
{
$name = $_POST['name'];
$pass = $_POST['pass'];
$mysqli = new mysqli("127.0.0.1","root","root","mrt");
var_dump($mysqli);
$sql="SELECT * FROM administradores WHERE nombre_administrador= ? AND password= ?";
$stmt = $mysqli->prepare($sql);
if ( !$stmt ) {
printf('errno: %d, error: %s', $mysqli->errno, $mysqli->error);
die;
}
$stmt->bind_param("ss",$name,$pass);
if ( !$name ) {
printf('errno: %d, error: %s', $stmt->errno, $stmt->error);
}
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows==1)
{
var_dump($rows);
header("location: indexSCAF.html");
else{
$errmsg_arr[] = 'Username and Password are not found';
$errflag = true;
}
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
exit();
}
}
}/*close function dologin*/
}/*close class */
?>
the results of the var_dumps give
string 'admin' (length=5)
string 'test' (length=4)
object(mysqli)[3]
public 'affected_rows' => null
public 'client_info' => null
public 'client_version' => null
public 'connect_errno' => null
public 'connect_error' => null
public 'errno' => null
public 'error' => null
public 'error_list' => null
public 'field_count' => null
public 'host_info' => null
public 'info' => null
public 'insert_id' => null
public 'server_info' => null
public 'server_version' => null
public 'stat' => null
public 'sqlstate' => null
public 'protocol_version' => null
public 'thread_id' => null
public 'warning_count' => null
object(mysqli_stmt)[4]
public 'affected_rows' => null
public 'insert_id' => null
public 'num_rows' => null
public 'param_count' => null
public 'field_count' => null
public 'errno' => null
public 'error' => null
public 'error_list' => null
public 'sqlstate' => null
public 'id' => null
object(mysqli_stmt)[4]
public 'affected_rows' => null
public 'insert_id' => null
public 'num_rows' => null
public 'param_count' => null
public 'field_count' => null
public 'errno' => null
public 'error' => null
public 'error_list' => null
public 'sqlstate' => null
public 'id' => null
null
You need to use bind_result before fetching the result so that your prepare statement fetches correctly .
$mysqli = new mysqli("127.0.0.1","root","root","mrt");
$sql = " SELECT userId,userName From user WHERE nombre_administrador= ? AND password= ? ";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("ss",$user,$pass);
$stmt->execute();
$stmt->store_result();
if($stmt->num_rows>0)
{
$stmt->bind_result($userId,$userName)
while($stmt->fetch())
{
// success handle result
header("location: indexSACF.html");
}
}
else
{
$errmsg_arr[] = 'Username and Password are not found';
$errflag = true;
}
$stmt->free_result()
$stmt->close();
Note: In query statement never use select * as it would not bind your results. instead use arameters
SELECT userId,userName From user WHERE nombre_administrador= ? AND password= ? ;
For more info you can refer this