2

我想使用以下代码获取数据:

if(isset($_POST['btnSubmit']))
{
        /* connect using pdo */
        try
        {
            $db_conn = new PDO('mysql:host=localhost; dbname =database','username','password');
        }
        catch (PDOException $e) {
            echo "could not connect to database.";
            exit;
        }
        $password=$_POST['password'];
        $selectSQL = "SELECT fac_id, username, password, type, user_prefix FROM faculty WHERE username = ? AND password = ?";
        $stmt = $db_conn->prepare($selectSQL);
        $stmt->execute(array($_POST['username'],$password));
        while($abc = $stmt->fetch())
        {
            print_r($abc);
        }
        echo $rowCount = count($stmt);
        die;
}

预期结果:

所有行+行数。

我得到什么:

只有行数。

4

3 回答 3

2

好吧,您没有检查错误(您的查询很可能在您不知情的情况下失败)。

要检查错误,请设置PDO::ATTR_ERRMODEPDO::ERRMODE_EXCEPTION。(这将导致 PDO 抛出 PDOExceptions 错误):

if(isset($_POST['btnSubmit']))
{
        /* connect using pdo */
        try
        {
            $db_conn = new PDO('mysql:host=localhost; dbname =database','username','password');

            $db_conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $db_conn->setAttribute(PDO::EMULATE_PREPARES, false); //This will prevent PDO from emulating prepared statements. Solving various edge cases.

        $password=$_POST['password'];
        $selectSQL = "SELECT fac_id, username, password, type, user_prefix FROM faculty WHERE username = ? AND password = ?";
        $stmt = $db_conn->prepare($selectSQL);
        $stmt->execute(array($_POST['username'],$password));
        while($abc = $stmt->fetch())
        {
            print_r($abc);
        }
        echo $rowCount = count($stmt);
        die;
        }
        catch (PDOException $e) {
            echo "There was an error! " . $e->getMessage();
            exit;
        }
}
于 2013-06-27T11:35:03.013 回答
1

具有讽刺意味的是,你做的很好,但它算你做错了什么。
所以,如果没有获取 - 没有数据可以匹配。

if(isset($_POST['btnSubmit']))
{

    $dsn = "mysql:host=localhost;dbname=database;charset=utf8";
    $opt = array(
        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
    );
    $pdo = new PDO($dsn,'username','password', $opt);

    $sql = "SELECT fac_id, username, password, type, user_prefix 
            FROM faculty WHERE username = ? AND password = ?";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array($_POST['username'],$_POST['password']));
    $user = $stmt->fetch();
    var_dump($user);
}

如果它显示为 FALSE,您需要调试一些
尝试检查密码,例如

    $sql = "SELECT password FROM faculty WHERE username = ?";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array($_POST['username']));
    $pass = $stmt->fetchColumn();
    var_dump($pass, $_POST['password'], $_POST['password'] == $pass);
于 2013-06-27T12:15:43.587 回答
0
    show all column name in bind result
$result = $conn->prepare('SELECT * FROM users WHERE user_email = ? and user_password = ? ');
$result->bind_param('ss', $email, $password);
$result->execute();
$result->bind_result($userid,$fullname,$useremail,$userpassword,$userimage);                
        $array = array();               
        while($result->fetch()) 
        {
            $array['id'] = $userid;
            $array['fullname'] = $fullname;
            $array['email'] = $useremail;
            $array['picture'] = $userimage;             
        }

        print_r($array);
于 2015-08-06T11:29:42.927 回答