Giuseppe: php - MySQLi, why fetch? Safest way to check query? -

Tuesday 15 July 2014

php - MySQLi, why fetch? Safest way to check query? -

For a login system I know that the username and password are correct or not, this is the code (without checking the errors etc.):

$ db = @ New MySQLi ('localhost', 'user', 'pw', 'db'); $ Sql = 'Where is the user ID select? And password =? '; $ Stmt = $ db- & gt; Ready ($ sql); $ Stmt- & gt; Bind_param ('s', $ username, $ password_hash); $ Stmt- & gt; Execute () $ stmt- & gt; Bind_State ($ UserID);

Now I want to check that the result has been done, in most tutorials this has been done:

  if (! $ Stmt-> Fatch ()) {// login was wrong, what stuff} and {// login was correct, do STUFF}    but why? It also works like this:  
  if (isset ($ UserID)) {// login was correct, DO STUFF} else {// log was incorrect, do    Or:  
  If ($ UserID! = 0) {// login was correct, DO STUFF} else {// login was incorrect, STUFF    So what is the fastest and safest way to do this?   
 
  You do not need nor "fastest" (as in slow Nothing is) nor "the safest" (as there is nothing to be unsafe).  
 What you need is just an  sensible  path  
  $ stmt = $ db- & gt; Ready ($ sql); $ Stmt- & gt; Bind_param ('s', $ username, $ password_hash); $ Stmt- & gt; Execute () $ stmt- & gt; Bind_State ($ UserID); $ Stmt- & gt; Bring ();    You now have to check the  $ UserID  variable and save it in session.  
  if ($ UserID) {$ _SESSION ['auth'] = $ UserID; }    As you can see, raw misskhi is very vocabulary and ugly. This is the reason why you should not use it, but some abstract layer like this  
  $ db = new secure mascul (); $ Sql = 'Member Selection ID where username and password =' s'; If ($ UserID = $ db-> getOne ($ sql, $ username, $ password_hash)); $ _SESSION ['auth'] = $ UserID; }    

 




Posted by



Unknown




at

03:22











Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

No comments: Post a Comment

Newer Post Older Post Home Subscribe to: Post Comments (Atom)

About Me Unknown View my complete profile Blog Archive ► 2015 (1886) ► September (203) ► August (208) ► July (224) ► June (210) ► May (230) ► April (195) ► March (209) ► February (201) ► January (206) ▼ 2014 (2117) ► September (239) ► August (251) ▼ July (226) asp.net mvc 3 - Linq Grouping looses the child ent... c++ - A Base class technique for exception handling - file - Open the "open"-dialogbox from cmd - methods - Repeated tasks - spawn new processes or ... c# - Passing object to a WebMethod through jquery ... reporting services - Type Problems with Filter Exp... c++ - Cartesian product of several vectors - Python array combining - matlab - Error in curve fitting and other syntax i... Zimbra unable to email from mobile after upgrade t... java - Why do I get a ClassCastException and how d... How to convert XML to hash in Rails where empty ar... android - Prevent layout to resize after background - JavaScript seeting selectedIndex to be blank for s... Java program only returns the input, does not show... custom roles and user adminstration in ASP.net MVC... java - Stopping and Restarting a Stopwatch - objective c - Any way to see who is triggering cha... php - How to use/write mysql_real_escape_string in... css - Scroll html page to specific tag and stay in... css - Height issue on mobile device - perl - how to one line text format and convert to ... php - Want to order eventbrite events list so upco... algorithm - Rearranging data for quadtree/octree - Is there a reason JavaScript developers don't use ... php - Stop from jumping to top of page - .htaccess display_startup_errors setting depends o... performance - Android Not Enough Heap Allocated - android - Gridview with both image and text in eac... Mootools and Joomla 2.5 Custom Template - mobile - To continously check for the signal in an... twitter bootstrap - Android Browser - h1 tags rend... mysql - Removing redundant information, difficult ... git - GitHub Team Usage - How can I create a view like this in sencha touch ... c# - Anybody knows is it possible to setup Castle ... android - How do I get Intellij preview to display... javascript - PHP constant SQL query - JSFL typewriter effects for Flash CS6 - filereader - How to check which pattern use in fil... making a variable a class in javascript - php - send array variable via ajax post request - Python-list is too large and can't be deleted - How to slide pages in Corona SDK - java - Switch on String 1.7 - matlab - Applying functions to differently formatt... sql - Sum a sequence of device-labeled, data using... visual studio 2010 - Add Quotes to HTML Attributes - java - Setting a particular date into a prepared s... hdl - Are there any advantages to having fewer lev... javascript - Moment.js only within the last week - java - Explicit initialization of primitives - ios - UIView Components Not Moving With View - regex - JavaScript Regular Expression - strange re... sql - mysql use IF after SET only if condition is ... c# - .toggle() a div with asp:button - css - Page resizing and reshaping when scroll bar ... java - androidPlot black border - json - Consuming a ServiceStack service to get Raw... android - Will Google's In App Purchase still work... sql - Filter duplicate rows based on a field - php - Parsing a string into parts, only consecutiv... asp.net mvc 3 - MVC3 route by requested filename - what does !function() means in Javascript? - Querying states of widgets defined by a QT ui file - html - How can i get Calibri and specified width o... c# - Deployment of a web application using FSharp.... osx - Installing ruby on rails mac - c# - graphics from a class onto a form - sql - MySQL GROUP BY with MIN - incorrect column d... jquery - Selecting columns associated with a heade... authentication - Different name fields user table? - gruntjs - yeoman / cssmin - Minimize, but don't co... c++ - static const vs #define - java - Factorial of a number using recursion - java - sort list by date in descending order - gro... javascript - How do I access a generated form from... How to define Notation format in Coq using { - c++ - Function checking if an integer type can fit... ajax - Primefaces - ui:repeat component does not u... javascript - Binding a method within a constructor - C++ operator overloading prefix/suffix - c# - Cannot reference dynamically referenced contr... javascript - angularjs ng-grid dropdown not workin... Strange validation behaviour of the charset with t... c# - Is the stack trace of function that has been ... jquery - Passing a variable to target a specific a... cakephp - Display expired cache file when database... ios how to force to quit app - e commerce - Magento, Shop BY Block blowing out fo... http - How to make a synchronized HttpRequest in A... C# Wait for a Progam/Process to start - vb6 - System DSN is not working in Remote Desktop ... math - Making a cryptaritmetic solver in C++ - java - Constant Width SashForm - cordova - No matter what I do I can't get my Javas... c++11 - C++ Vector Sort method fails to compile, r... python variable scope in nested functions - android - how toget x and y cooridinates of sprit2... python - How to add value to a column in a record ... ► June (208) ► May (229) ► April (199) ► March (255) ► February (275) ► January (235) ► 2013 (2011) ► September (199) ► August (228) ► July (210) ► June (222) ► May (217) ► April (229) ► March (243) ► February (221) ► January (242) ► 2012 (1993) ► September (227) ► August (235) ► July (225) ► June (206) ► May (221) ► April (216) ► March (206) ► February (227) ► January (230) ► 2011 (1964) ► September (220) ► August (222) ► July (219) ► June (224) ► May (219) ► April (206) ► March (216) ► February (221) ► January (217) ► 2010 (1952) ► September (230) ► August (202) ► July (221) ► June (207) ► May (213) ► April (199) ► March (234) ► February (244) ► January (202)

Powered by Blogger.