php - How to convert PDO to mysqli?

Question

Welcome To Ask or Share your Answers For Others

php - How to convert PDO to mysqli?

asked Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

I have a login screen in which the user inputs their username and password. I managed to connect to the database using PDO but I have to change it to mysqli. Could someone please help me convert it to mysqli. Thanks in advance.

PDO:

<?php
try {
        $database = new PDO('mysql:host=localhost;dbname=myfiles', 'root', '',array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
        $query = "SELECT * FROM users WHERE Username = ? AND Password = ?";

        $userParam = array($_POST["Uname"], $_POST["Pass"]);
        $st = $database->prepare($query);
        $st->execute($userParam);

        $getResults = $st->fetch(PDO::FETCH_ASSOC);

        session_start();

        $_SESSION['details']['username'] = $getResults['Username'];
        $_SESSION['details']['password'] = $getResults['Password'];

        unset($database);
        header("Location: index.php");
    }
catch(PDOException $e)
    {
   print "Error!: " . $e->getMessage() . "<br/>";
    exit();
    }
  ?>

Mysqli (This is what I have tried)

<?php

try {

$database =  mysqli_connect("localhost", "root", "", "myfiles");
$query = mysqli_query("SELECT * FROM users WHERE Username = ? AND Password = ?");

        $userParam = array($_POST["Uname"], $_POST["Pass"]);
        $st = $database->prepare($query);
        $st->execute($userParam);

        $getResults = mysqli_fetch_assoc($query);

        session_start();

        $_SESSION['details']['username'] = $results['Username'];
        $_SESSION['details']['password'] = $results['Password'];

        unset($database);
        header("Location: index.php");

        } catch (Exception $e ) {
        print "Error!: " . $e->getMessage() . "<br/>";
        exit();
}

?>

Error when running Mysqli code:

Warning: mysqli_query() expects at least 2 parameters, 1 given in G:xampphtdocsolddroplogin.php on line 39

Fatal error: Call to a member function execute() on a non-object in G:xampphtdocsolddroplogin.php on line 43

Update:

Mysqli

<?php

       try {

    $database =  mysqli_connect("localhost", "root", "", "myfiles");
    $query = "SELECT * FROM users WHERE Username = ? AND Password = ?";

            $userParam = array($_POST["Uname"], $_POST["Pass"]);
            $st = $database->prepare($query);
            $st->execute($userParam);

            $getResults = mysqli_fetch_assoc($st);

            session_start();

            $_SESSION['details']['username'] = $getResults['Username'];
            $_SESSION['details']['password'] = $getResults['Password'];

            unset($database);
            header("Location: index.php");

            } catch (Exception $e ) {
            print "Error!: " . $e->getMessage() . "<br/>";
            exit();
    }

    ?>

    "Waiting for localhost"

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

2.5k views

1 Answer

深蓝 · Answer 1 · 2021-10-23T21:43:10+0000

Your problem is here:

    $query = mysqli_query("SELECT * FROM users WHERE Username = ? AND Password = ?");

    $userParam = array($_POST["Uname"], $_POST["Pass"]);
    $st = $database->prepare($query);
    $st->execute($userParam);

prepare expects a string, mysqli_query is a procedural function which executes the query. Remove that. Additionally, with mysqli you need to bind the parameters first, not pass them to execute().

$query = "SELECT * FROM users WHERE Username = ? AND Password = ?";

$st = $database->prepare($query);
$st->bindParam("ss",$_POST["Uname"], $_POST["Pass"]);    
$st->execute();

Here's the relevant sections of the manual:

http://php.net/manual/en/mysqli.prepare.php

http://php.net/manual/en/mysqli-stmt.bind-param.php

http://php.net/manual/en/mysqli-stmt.execute.php