Jump to content
Larry Ullman's Book Forums

jhm

Members
  • Posts

    4
  • Joined

  • Last visited

Everything posted by jhm

  1. I needed to pass the ID to the variable $uid. That was my original issue/question. Fixed and working now, code below. Thanks! $q = 'SELECT id FROM users WHERE email = ?'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 's', $email); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); $rows = mysqli_stmt_num_rows($stmt); if ($rows === 1) { mysqli_stmt_bind_result($stmt, $uid); /* fetch value */ mysqli_stmt_fetch($stmt);
  2. $q = 'SELECT id FROM users WHERE email = ?'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 's', $email); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); $rows = mysqli_stmt_num_rows($stmt); if ($rows === 1) { ?? ---> list($uid) = mysqli_fetch_array($r, MYSQLI_NUM);
  3. Odd that all other code were changed to use prepared statements, except that one.
  4. In chapter 12, we're presented code to update example #1 to use prepared statements. For some reason, in the forgot_password.php file, there was one statement where Larry didn't supply the code to update. Was there a reason for this? Thanks. // Check for the existence of that email address... $q = 'SELECT id FROM users WHERE email="' . escape_data($email, $dbc) . '"'; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) === 1) { // Retrieve the user ID: list($uid) = mysqli_fetch_array($r, MYSQLI_NUM); } else { // No database match made. $pass_errors['email'] = 'The submitted email address does not match those on file!'; }
×
×
  • Create New...