vikram12345 Posted November 21, 2012 Share Posted November 21, 2012 (edited) <?php // $goto = $_GET['goto'] ; session_start() ; $useremail = $_POST['emailfield'] ; $passwording = $_POST['pwfield'] ; $salt = "@cmiplpnp##" ; $iterations = 4; $hash = crypt($passwording,$salt); for ($i = 0; $i < $iterations; ++$i) { $hash = crypt($hash . $passwording,$salt); } echo $passwording ; echo '<br>' ; echo $hash ; echo '<br>' ; require ('sqliauth2.php') ; /* create a prepared statement */ if ($stmt = $mysqli->prepare("SELECT * FROM userregistry WHERE email= ? AND password11=? ")) ; { /* bind parameters for markers */ $stmt->bind_param("ss",$email, $hash); /* execute query */ $stmt->execute(); /* bind result variables */ $stmt->bind_result($email,$hash); $stmt->fetch(); $row_cnt = $result->num_rows ; /* close statement */ $stmt->close(); } /* close connection */ $mysqli->close(); echo $row_cnt ; ?> ERRORS :::: Warning: mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement in D:\xampp\htdocs\bullet2\sqlilogincheck.phpon line 39 Notice: Undefined variable: result in D:\xampp\htdocs\bullet2\sqlilogincheck.php on line 41 Notice: Trying to get property of non-object in D:\xampp\htdocs\bullet2\sqlilogincheck.php on line 41 Trying to understand why, but no clue HELP !!! Edited November 21, 2012 by vikram12345 Quote Link to comment Share on other sites More sharing options...
vikram12345 Posted November 21, 2012 Author Share Posted November 21, 2012 The echoes are showing properly, but errors visible. The last echo $row_cnt ; doesn't print . and of course in between you have those errors . Quote Link to comment Share on other sites More sharing options...
vikram12345 Posted November 21, 2012 Author Share Posted November 21, 2012 added what ? Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted November 21, 2012 Share Posted November 21, 2012 That post from annarocco39 is just spam. Your error msgs : 1st one : $stmt->bind_param("ss",$email, $hash); You are sending 3 paramaters to the query sting when you have only put 2 ? holders in place in the query string. 2nd and 3rd both relate to $row_cnt = $result->num_rows You have not defined $result as anything previous to this line. You have to define a variable before you can use it on the tight hand side of an assignment. As the parser does not know what $result is, it can't access the object properties you think it should have. Quote Link to comment Share on other sites More sharing options...
vikram12345 Posted November 21, 2012 Author Share Posted November 21, 2012 That post from annarocco39 is just spam. Your error msgs : 1st one : $stmt->bind_param("ss",$email, $hash); You are sending 3 paramaters to the query sting when you have only put 2 ? holders in place in the query string. 2nd and 3rd both relate to $row_cnt = $result->num_rows You have not defined $result as anything previous to this line. You have to define a variable before you can use it on the tight hand side of an assignment. As the parser does not know what $result is, it can't access the object properties you think it should have. I solved the result issue . Now i'm gettin this Warning: mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement in D:\xampp\htdocs\bullet2\sqlilogincheck.phpon line 39 my current code : // $goto = $_GET['goto'] ; session_start() ; $useremail = $_POST['emailfield'] ; $passwording = $_POST['pwfield'] ; $salt = "@cmiplpnp##" ; $iterations = 4; $hash = crypt($passwording,$salt); for ($i = 0; $i < $iterations; ++$i) { $hash = crypt($hash . $passwording,$salt); } echo $passwording ; echo '<br>' ; echo $hash ; echo '<br>' ; require ('sqliauth2.php') ; /* create a prepared statement */ if ($stmt = $mysqli->prepare("SELECT * FROM userregistry WHERE email= ? AND password11=? ")) ; { /* bind parameters for markers */ $stmt->bind_param("ss",$email, $hash); /* execute query */ $stmt->execute(); /* bind result variables */ $stmt->bind_result($email,$hash); $stmt->fetch(); $row_cnt = $stmt->num_rows ; /* close statement */ $stmt->close(); } /* close connection */ $mysqli->close(); echo $row_cnt ; ?> Quote Link to comment Share on other sites More sharing options...
vikram12345 Posted November 21, 2012 Author Share Posted November 21, 2012 How do i match the number of parameters sent ? Quote Link to comment Share on other sites More sharing options...
Christian F. Posted November 21, 2012 Share Posted November 21, 2012 (edited) SELECT * FROM You have only two fields in that table? If not, then this won't work: $stmt->bind_result($email,$hash); Always define the fields you want to retrieve from the database, and avoid using the "*" (all) selector. Not only for performance issues, but also because you'll avoid situations like these. Edited November 21, 2012 by Christian F. Quote Link to comment Share on other sites More sharing options...
vikram12345 Posted November 21, 2012 Author Share Posted November 21, 2012 SELECT * FROM You have only two fields in that table? If not, then this won't work: $stmt->bind_result($email,$hash); Always define the fields you want to retrieve from the database, and avoid using the "*" (all) selector. Not only for performance issues, but also because you'll avoid situations like these. really sorry for buggin you guys, but what can I replace it with ? any other changes required in the code ?? Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted November 21, 2012 Share Posted November 21, 2012 you raplace * with the column names that you actualy want to retrieve. have a look at this example: $sql = "SELECT firstName, lastName, idNumber FROM users where email = ? and pass = ?"; $stmt = $mysqli->prepare($sql); $stmt->bind_param($email, $hash); $stmt->bind_results($firstName, $lastName, $idNumber); echo " welcome $firstName $lastName, your ID Number is $idNumber"; you see how the results get bound to the variables in the same order they are selected in? if you select the whole table, then you will need to bind every result. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.