檢查表中用戶存在問題

-1

如果$name和$email與現有記錄不匹配，但下面的代碼段插入與另一個客戶端相同的記錄，我嘗試在以下位置阻止： if($stmt->num_rows > 0) {}檢查表中用戶存在問題

<?php 

include_once"dbconfig.php"; 
$name = "aaa"; 
$email = "[email protected]"; 
$phone = "666"; 
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_DATABASE); 
if ($mysqli->connect_error) { 
    die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error); 
} 
$sql = "SELECT id, name, email,phone FROM `clients` WHERE `email` = '". $email."' AND `phone` = ". $phone; 
$stmt = $mysqli->prepare($sql); 
$stmt->execute(); 
$stmt->bind_result($id, $name, $email, $phone); 
$stmt->store_result(); 

if($stmt->num_rows > 0) { 
     echo "This Email already is in system"; 
    }else{ 
     $stmt = $mysqli->prepare("INSERT INTO clients (`name`,`email`,`phone`) VALUES (?, ?, ?)"); 
     $stmt->bind_param("sss", $email, $phone, $name); 
     $stmt->execute(); 
     echo "New records created successfully"; 
    } 
$stmt->close(); 
$mysqli->close(); 

?>

你能讓我知道我在做什麼錯嗎？

來源

2016-11-30 Behseini

僅供參考，您的代碼很容易出現SQL注入 –

試試這個，

$sql = "SELECT id, name, email FROM `clients` WHERE `email` = '". $email."' AND `phone` = ". $phone;

來源

2016-11-30 07:33:48

-1

我認爲問題出在你的SQL語句，你檢查記錄，則在：

'電話'>」 $電話

來源

2016-11-30 07:38:26 Aseem

不客觀的@Behseini。 – Aseem

@Behseini嘗試打印$ stmt的var_dump來檢查'prepare'是否正常工作 – Aseem

試試這個： >「SELECT id，name，email，phone FROM'clients' WHERE'email' =？ AND'phone' =？「 – Aseem

檢查表中用戶存在問題

回答

相關問題