php $stmt返回 0?

php $stmt returns 0?

提问人:Ben5678 提问时间:9/2/2023 最后编辑:DharmanBen5678 更新时间:9/2/2023 访问量:54

问:

这是我的代码:

if (isset($_GET['email'], $_GET['code'])) {
    if ($stmt = $con->prepare('SELECT * FROM accounts WHERE email = ? AND activation_code = ?')) {
        $stmt->bind_param('ss', $_GET['email'], $_GET['code']);
        $stmt->execute();
        // Store the result so we can check if the account exists in the database.
        $stmt->store_result();
        if ($stmt->num_rows > 0) {
            // Account exists with the requested email and code.
            if ($stmt = $con->prepare('UPDATE accounts SET activation_code = ? WHERE email = ? AND activation_code = ?')) {
                // Set the new activation code to 'activated', this is how we can check if the user has activated their account.
                $newcode = 'activated';
                $stmt->bind_param('sss', $newcode, $_GET['email'], $_GET['code']);
                $stmt->execute();
                echo 'Your account is now activated! You can now <a href="index.html">login</a>!';
            }
        } else {
            echo 'The account is already activated or doesn\'t exist!';
        }
    }
}

我总是得到这个输出:

echo 'The account is already activated or doesn\'t exist!';

我在这里做错了什么?

php mysql mysqli

评论

0赞 nbk 9/2/2023
你的逻辑是错误的,当带有代码的电子邮件不存在时,写下代码,否则它已经被激活,我也会在检查 OT 是否有代码之前检查电子邮件是否已经存在

答:

-1赞 Barmar 9/2/2023 #1

您的查询不会区分不存在的帐户和使用不同激活码存在的帐户。查询应该只查找电子邮件,然后检查激活码。

if (isset($_GET['email'], $_GET['code'])) {
    if ($stmt = $con->prepare('SELECT activation_code FROM accounts WHERE email = ?')) {
        $stmt->bind_param('s', $_GET['email']);
        $stmt->execute();
        // Store the result so we can check if the account exists in the database.
        $stmt->store_result();
        if ($stmt->num_rows > 0) {
            // Account exists with the requested email
            $result = $stmt->get_result();
            $row = $result->fetch_assoc();
            if ($row['activation_code'] != $_GET['code']) {
                if ($stmt = $con->prepare('UPDATE accounts SET activation_code = ? WHERE email = ?')) {
                    // Set the new activation code to 'activated', this is how we can check if the user has activated their account.
                    $newcode = 'activated';
                    $stmt->bind_param('ss', $newcode, $_GET['email']);
                    $stmt->execute();
                    echo 'Your account is now activated! You can now <a href="index.html">login</a>!';
                }
            } else {
                echo 'The account is already activated.';
            }
        } else {
            echo 'The account doesn\'t exist!';
        }
    }
}

评论

1赞 Ben5678 9/2/2023
我收到此错误:致命错误:未捕获mysqli_sql_exception:命令不同步;您现在无法在 /home/u590333097/domains/mysite.com/public_html/activate.php:21 中运行此命令 堆栈跟踪: #0 /home/u590333097/domains/mysite.com/public_html/activate.php(21): mysqli_stmt->get_result() #1 {main} 扔在 /home/u590333097/domains/mysite.com/public_html/activate.php 上 21 行
0赞 Barmar 9/2/2023
有没有可能有多行相同?仅当您尚未读取第一个查询中的所有行时,才会发生这种情况。email
0赞 Barmar 9/2/2023
请参阅 stackoverflow.com/questions/3632075/...
0赞 Ben5678 9/2/2023
只有 1 行电子邮件
1赞 Barmar 9/2/2023
然后我不确定为什么会这样。 也应该防止这种情况发生。当您访问此代码时,您是否还有其他疑问?$stmt->store_result()

上一个:PHP 预准备语句未插入,未出现错误

下一个:应用程序面临错误 - 发送INIT_DB数据包时出错 [已关闭]