Answer the question
In order to leave comments, you need to log in
S
S
Sanzhar Bazarbek2021-08-15 23:27:52
Sanzhar Bazarbek, 2021-08-15 23:27:52
How to check authorization data through MySQL?
I want to check by login and password for authorization through MySQL
In Google, almost everything is done through a condition with a function that determines the number
of the same logins and passwords, but as I understand it, php has changed something in the function.
Couldn't find it through the documentation. The question is what, how and through
what now you need to check the data through MySQL? In my case, this is the username and password.
Mistake:
Fatal error: Uncaught TypeError: mysqli_num_rows(): Argument #1 ($result) must be of type mysqli_result, bool given in
Function and code:
if (mysqli_num_rows($checkUser) > 0)
1 answer(s)
@Rezvor
After you add a check to the code, you will see that the system swears at the incorrect syntax of the SQL query. Specifically, in your case it is the use of "==" for comparison. MySQL uses a single "=" for comparison.
After you fix this error, your code will work, but it will be very insecure.
In order to substitute values from php variables in a SQL query, use prepared expressions.
More details on why not to use mysqli_num_rows and how to use prepared expressions (information was copied from here ):
This is a very good question.
The answer to that is don't use .
Yes, mysqli does have a special function that can tell you how many rows a SELECT query returned.
It is traditionally used in two cases:
a) when it is not necessary
b) when it leads to catastrophic consequences
The first option is when we want to know if the request returned at least some data or not. But for this case, we have the data itself . Why separately request their number if we will still receive this data in a variable, which can then be used to find out whether the request returned something or not.
The second option is if this function is used to calculate how many rows are in the database. In this version, it will be outright sabotage, since the data can be verya lot, and the database must first receive all this data from itself, and then send it to PHP. Taking up all available memory or even causing an out-of-memory fatal error.
The correct solution to this problem would be to make a query like SELECT COUNT(*) FROM .... In this case, the database itself will count the number of rows (very quickly) and return only one number, which does not take up RAM at all.
So it turns out that the mysqli_num_rows() function is either harmful or useless
. In this case, you must first get the records from the database
And then take them out
As you can see, we didn't need any mysqli_num_rows
I
Immortal_pony, 2021-08-15 @Rezvor
mysqli_query returns false if an error occurred while executing the query. Therefore, if you are already writing in this style, then please check that no error occurred during the execution of the request. More or less like this:
$checkUser = mysqli_query($connect, "SELECT * FROM `users` WHERE `email` == '$email' AND `password` == '$password'");
if ($checkUser === false) {
die(mysqli_error($connect));
}After you add a check to the code, you will see that the system swears at the incorrect syntax of the SQL query. Specifically, in your case it is the use of "==" for comparison. MySQL uses a single "=" for comparison.
After you fix this error, your code will work, but it will be very insecure.
In order to substitute values from php variables in a SQL query, use prepared expressions.
More details on why not to use mysqli_num_rows and how to use prepared expressions (information was copied from here ):
This is a very good question.
The answer to that is don't use .
Yes, mysqli does have a special function that can tell you how many rows a SELECT query returned.
It is traditionally used in two cases:
a) when it is not necessary
b) when it leads to catastrophic consequences
The first option is when we want to know if the request returned at least some data or not. But for this case, we have the data itself . Why separately request their number if we will still receive this data in a variable, which can then be used to find out whether the request returned something or not.
The second option is if this function is used to calculate how many rows are in the database. In this version, it will be outright sabotage, since the data can be verya lot, and the database must first receive all this data from itself, and then send it to PHP. Taking up all available memory or even causing an out-of-memory fatal error.
The correct solution to this problem would be to make a query like SELECT COUNT(*) FROM .... In this case, the database itself will count the number of rows (very quickly) and return only one number, which does not take up RAM at all.
So it turns out that the mysqli_num_rows() function is either harmful or useless
. In this case, you must first get the records from the database
// БЕЗОПАСНО выполняем запрос
$stmt = $link->prepare("SELECT * FROM comments WHERE art_id = ?");
$stmt->bind_param("s", $note_id);
$stmt->execute();
// получаем данные
$result = $stmt->get_result();
$comments = $result->fetch_all(MYSQLI_ASSOC);And then take them out
<?php if ($comments): ?>
<?php foreach ($comments as $row): ?>
<?=$row['comment']?><br>
<?php endforeach ?>
<?php else: ?>
Эту запись еще никто не комментировал
<?php endif ?>As you can see, we didn't need any mysqli_num_rows
Similar questions
W
M
R
S
Sergey2015-05-13 21:19:17
How and how to split a webm file into several working parts in linux?
2Reply
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question