案例源码:
<?php
$username = $_GET['username'];
$pass = $_GET['password'];
//建立连接
$link = mysqli_connect("localhost","root","root","test");
//创建sql ?为占位符
$sql = "select * from users where user_name = ? and password = ?";
//进行预编译
$preSql = $link->prepare($sql);
//ss 表示两个string类型,对占位符进行赋值
$preSql -> bind_param("ss",$username,$pass);
//绑定返回的结果集,result的值要与数据库返回的位数相等
$preSql -> bind_result($id,$user_name,$password,$img);
//执行查询
$preSql -> execute();
//获取结果
$preSql ->fetch();
if ($user_name == $username && $password = $pass){
echo "<script>alert('登录成功')</script>";
echo "<script>window.location='index.php'</script>";//进行跳转
}else{
echo "<script>alert('登录失败,请重新登录')</script>";
echo "<script>window.locat