I need to check db for matching user credential on login script.
There must be atleast one matching row. Else, script should alert user not registered.
Need to check the db using the function mysqli_stmt_num_rows()
.
Assignment is to list all the various valid ways this function can be used to check for mathcing rows.
I conconcted 21 different ways. But I need your assistance to point-out the invalid attempts out of the 21 different attempts. That is all.
Note the 21 different IFs below. Note the comments on each. I queried the db using correct user credentials.
That means, mysqli_stmt_num_rows()
should show '1'.
I have labeled my attempts from 1 to 21. I need you to give me the label numbers of the ones that are invalid.
On my tests, whichever attempt showed one matching row found, I put PASS on the comment beside it.
And, whichever attempt showed matching row NOT found, I put FAIL on the comment.
QUESTION: Which of these following 21 are invalid or incorrect way to check for matching rows ? Give me their label numbers.
Note, I know the difference between "=", "==" and "===".
And, I know the difference between "!=", "!==" and "!===".
I added some invalid checks just for experimental purposes.
Thanks
1
if(!$num_rows = mysqli_stmt_num_rows($stmt)) //FAILS
{
die('Incorrect User Credentials!');
}
2
if(!$num_rows==mysqli_stmt_num_rows($stmt)) //FAILS
{
die('Incorrect User Credentials!');
}
3
if($num_rows!=mysqli_stmt_num_rows($stmt)) //FAILS
{
die('Incorrect User Credentials!');
}
4
if($num_rows!==mysqli_stmt_num_rows($stmt)) //FAILS
{
die('Incorrect User Credentials!');
}
5
if($num_rows = mysqli_stmt_num_rows($stmt)!=1) //WORKS
{
die('Incorrect User Credentials!');
}
6
if($num_rows = mysqli_stmt_num_rows($stmt)!==1) //WORKS
{
die('Incorrect User Credentials!');
}
7
if($num_rows = mysqli_stmt_num_rows($stmt)<1) //WORKS
{
die('Incorrect User Credentials!');
}
8
if($num_rows = mysqli_stmt_num_rows($stmt)=0)//FAILS
{
die('Incorrect User Credentials!');
}
9
if($num_rows = mysqli_stmt_num_rows($stmt)==0)//WORKS
{
die('Incorrect User Credentials!');
}
10
if($num_rows = mysqli_stmt_num_rows($stmt)===0)//WORKS
{
die('Incorrect User Credentials!');
}
11
if(!mysqli_stmt_num_rows($stmt)) //FAILS
{
die('Incorrect User Credentials!');
}
12
if(mysqli_stmt_num_rows($stmt)=FALSE) //FAILS
{
die('Incorrect User Credentials!');
}
13
if(mysqli_stmt_num_rows($stmt)==FALSE) //FAILS
{
die('Incorrect User Credentials!');
}
14
if(mysqli_stmt_num_rows($stmt)===FALSE) //WORKS
{
die('Incorrect User Credentials!');
}
15
if(!mysqli_stmt_num_rows($stmt)=TRUE) //FAILS
{
die('Incorrect User Credentials!');
}
16
if(!mysqli_stmt_num_rows($stmt)==TRUE) //FAILS
{
die('Incorrect User Credentials!');
}
17
if(mysqli_stmt_num_rows($stmt)!=TRUE) //FAILS
{
die('Incorrect User Credentials!');
}
18
if(mysqli_stmt_num_rows($stmt)!==TRUE) //FAILS
{
die('Incorrect User Credentials!');
}
19
if(mysqli_stmt_num_rows($stmt)=NULL) //FAILS
{
die('Incorrect User Credentials!');
}
20
if(mysqli_stmt_num_rows($stmt)==NULL) //FAILS
{
die('Incorrect User Credentials!');
}
21
if(mysqli_stmt_num_rows($stmt)===NULL) //WORKS
{
die('Incorrect User Credentials!');
}
CONTEXT
$domain = trim($_POST['domain']);
$domain_email = trim($_POST['domain_email']);
$password_hashed = hash('sha256',trim($_POST['password']));
//Query DB.
//Check if User already registered or not.
mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);
$conn = mysqli_connect("localhost","root","","buzz"); //mysqli_connect("server","user","password","db");
$stmt = mysqli_stmt_init($conn);
//$sql = "SELECT id FROM domains WHERE password = ? AND (domain = ? OR domain_email = ?)";
$sql = "SELECT id FROM domains WHERE (domain = ? OR domain_email = ?) AND password = ?";
if(!mysqli_stmt_prepare($stmt,$sql))
{
echo __LINE__; echo '<br>';//DELETE
echo 'Mysqli Error: ' .mysqli_stmt_error(); //DEV MODE.
echo '<br>';
echo 'Mysqli Error No: ' .mysqli_stmt_errno(); //DEV MODE.
echo '<br>';
die('Login a Failure!');
}
else
{
echo __LINE__; echo '<br>';//DELETE
mysqli_stmt_bind_param($stmt,"sss",$domain,$domain_email,$password_hashed);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt,$id);
if(!mysqli_stmt_fetch($stmt)) //This triggers if credentials are wrong.
{
echo __LINE__; echo '<br>';//DELETE
mysqli_stmt_close($stmt);
mysqli_close($conn);
die('Password fetching failed!');
}
else
{
echo __LINE__; echo '<br>';//DELETE
//if(!$num_rows = mysqli_stmt_num_rows($stmt)) //FAILS
//if(!$num_rows==mysqli_stmt_num_rows($stmt)) //FAILS
//if($num_rows!=mysqli_stmt_num_rows($stmt)) //FAILS
//if($num_rows!==mysqli_stmt_num_rows($stmt)) //FAILS
//if($num_rows = mysqli_stmt_num_rows($stmt)!=1) //WORKS
//if($num_rows = mysqli_stmt_num_rows($stmt)!==1) //WORKS
//if($num_rows = mysqli_stmt_num_rows($stmt)<1) //WORKS
//if($num_rows = mysqli_stmt_num_rows($stmt)=0)//FAILS
//if($num_rows = mysqli_stmt_num_rows($stmt)==0)//WORKS
//if($num_rows = mysqli_stmt_num_rows($stmt)===0)//WORKS
//if(!mysqli_stmt_num_rows($stmt)) //FAILS
//if(mysqli_stmt_num_rows($stmt)=FALSE) //FAILS
//if(mysqli_stmt_num_rows($stmt)==FALSE) //FAILS
//if(mysqli_stmt_num_rows($stmt)===FALSE) //WORKS
//if(!mysqli_stmt_num_rows($stmt)=TRUE) //FAILS
//if(!mysqli_stmt_num_rows($stmt)==TRUE) //FAILS
//if(mysqli_stmt_num_rows($stmt)!=TRUE) //FAILS
//if(mysqli_stmt_num_rows($stmt)!==TRUE) //FAILS
//if(mysqli_stmt_num_rows($stmt)=NULL) //FAILS
//if(mysqli_stmt_num_rows($stmt)==NULL) //FAILS
//if(mysqli_stmt_num_rows($stmt)===NULL) //WORKS
{
die('Incorrect User Credentials!');
}
mysqli_stmt_close($stmt);
mysqli_close($conn);
echo __LINE__; echo '<br>';//DELETE
echo 'password: ' .$password; echo '<br>';
echo 'hashed password: ' .$hashed_password; echo '<br>';
header('location: home_Template.php');
exit;
}
Experimented half the night and some test results confused me which I need clearing.