2
This code should redirect the user from the login page to the menu. However, after changing a simple query to a prepared statement, I can’t log in anymore, because $quant always returns empty. Some light?
<?php
session_start();
include 'config.php';
$con = conectar();
$usuario= $_POST['usuario'];
$senha= $_POST['senha'];
$sql = "SELECT * FROM adm WHERE usuario LIKE ? AND senha = ?";
$stmt= mysqli_prepare($con,$sql);
mysqli_stmt_bind_param($stmt, 'ss', $usuario, $senha);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$reg = mysqli_stmt_fetch($stmt);
$quant = mysqli_stmt_num_rows($stmt);
mysqli_stmt_close($stmt);
if($quant!=0) {
$_SESSION['codigo'] = $reg['cod_adm'];
$_SESSION['usuario'] = $reg['usuario'];
$_SESSION['senha'] = $reg['senha'];
$_SESSION['tipo'] = 'adm';
header('location:menu.php');
}
else{
$sql = "SELECT * FROM comum WHERE usuario LIKE ? AND senha = ?";
$stmt = mysqli_prepare($con,$sql);
mysqli_stmt_bind_param($stmt, 'ss', $usuario, $senha);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$reg = mysqli_stmt_fetch($stmt);
$quant = (mysqli_stmt_num_rows($stmt));
mysqli_stmt_close($stmt);
if ($quant==0){
echo "<center>
<h2>
<b>Login ou senha inválidos!</b>
</h2>
</center>";
echo "<center>
<a href='../home.html' class='voltar'>
<span><b>Voltar</b></span>
</a>
</center>";
}
else {
$_SESSION['codigo'] = $reg['cod_comum'];
$_SESSION['usuario'] = $reg['usuario'];
$_SESSION['senha'] = $reg['senha'];
$_SESSION['tipo'] = 'comum';
header('location:menu.php');
}
}?>
pq uses like to find the user name?
– rray
was 'indifferent' when writing, using
=orlike, then we’ll leave it at that– ana
Have you tried running this user query directly in the database? It returns some result?
– Bruno