我现在正在开发一个php站点。我正在制作登录页面,当我检查登录代码是否有效时,它打印了整个准备行。
输出:
prepare("select * from login_details where user = ? && pass= ?;");
$stmt>bindValue(1, $name); $stmt->bindValue(2, $pass); $stmt->execute;
$row = $stmt->fetchall(PDO::FETCH_ASSOC); while ($row) { echo "
Failed
"; } ?
我的代码是
<body>
<?php
include 'connect.php';
if(isset($_POST['username']) && isset($_POST['pass'])){
$name=htmlentities($_POST['username']);
$pass=htmlentities($_POST['pass']);
}
$stmt= $dbh->prepare("select * from login_details where user = ? && pass= ?;");
$stmt->bindValue(1, $name);
$stmt->bindValue(2, $pass);
$stmt->execute;
$row = $stmt->fetchall(PDO::FETCH_ASSOC);
while ($row) {
echo "<h2>Failed</h2>";
}
?></body>
("select * from login_details where user = ? and pass=? ");
这是和不是&;。不应在语句中添加终止分号。