Click here to Skip to main content
15,796,456 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
I am trying to get value from HTML Form and utilised it in MySql Select Statement but it does not work in PHP file as below:

Table Name eclogin

My Table Structure
id    pwd
1001  mahesh

My HTML File:
  1  <!DOCTYPE html>
  2  <html>
  3  <head>
  4  <meta charset="utf-8">
  5  <meta name="viewport" content="width=device-width, initial-scale=1">
  6  <!-- Bootstrap CSS -->
  8  <link href="" 
  9  rel="stylesheet" integrity="sha384- 
 10  9ndCyUaIbzAi2FUVXJi0CjmCapSmO7SnpJef0486qhLnuZ2cdeRhO02iuK6FUUVM" crossorigin="anonymous">
 12  <script src="" 
 13  integrity="sha384-geWF76RCwLtnZ8qwWowPQNguL3RmwHVBC9FhGdlKrxdiJJigb/j/68SIy3Te4Bkz" 
 14  crossorigin="anonymous"></script>
 16  </head>
 17  <body>
 18  <div class="container-fluid">
 19  <div class="row">
 21  <div class="col-5" style="margin-top:20px;">
 22      <img src="logo/RSET.png" style="width:100%;"/>      
 23  </div>    
 25  <div class="col-7" style="margin-top:50px;">
 26          <p style="font-size:30px;display:inline;color:red"> રૂખી</p>
 27          <p style="font-size:30px;display:inline;color:blue">સોફ્ટવેર </p>
 28          <p style="font-size:30px;display:inline;color:black">એડયુકેશન  </p>
 29          <p style="font-size:30px;display:inline;color:green"> ટ્રસ્ટ </p>
 31  </div>
 32  </div>
 34   <form action="ec.php" method="post">
 36   <div style="text-align:center;margin-top:40px">   
 38   <input type="text" name="pwd" id="pwd" placeholder="તમારો પાસવર્ડ આપો"  
 39   style="color:black;" />
 41   <input type="submit" value="Login"   style="width:150px;height:40px;margin- 
 42    top:40px;background-color:blue;color:white" >
 44  </div>
 46  </form>
 47  </div>
 49  </body>
 50  </html>

My PHP File ec.php
  1  <?php
  2  // Establish a database connection
  4  $servername = "localhost";
  5  $username = "myusername";
  6  $password = "mypassword";
  7  $dbname = "dbname";
 11  $conn = new mysqli($servername, $username, $password, $dbname);
 13  // Retrieve form data
 14  $pwd = $_POST['pwd'];    
 16  $sql = "SELECT * FROM eclogin WHERE pwd=?"; // SQL with parameters
 17  $stmt = $conn->prepare($sql); 
 18  $stmt->bind_param("s", $pwd);
 19  $stmt->execute();
 21  if ($stmt->num_rows > 0) {
 23      echo "Success"; 
 25  }
 26  else{
 28      echo "Failed";
 29  }
 31  // Close the database connection     
 32  $conn->close();
 33  ?>

I have a doubt that something is wrong in the PHP file. My Mysql table has one row with data as above but as per PHP SQL statement, its nothing return. It always remain false whereas I am trying the above query in phpmyadmin, it works well and returns one row with pwd=mahesh but PHP always return false. No error display. Tell me what is wrong?

What I have tried:

I try from phpmyadmin with query and it works well but not in PHP.
Updated 12-Sep-23 9:13am
Richard MacCutchan 12-Sep-23 3:58am    
Have you checked to see exactly what is in $pwd at the time of building the select?
Richard Deeming 12-Sep-23 4:29am    
You are storing your single password in plain text. Don't do that!
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

PHP even has built-in functions to help you handle passwords correctly:
PHP: password_hash[^]
PHP: password_verify[^]
MAHESH WAGHELA 12-Sep-23 5:06am    
I have checked $pwd and its return parameter "mahesh" but in php it remain false
MAHESH WAGHELA 12-Sep-23 5:11am    
There is no problem in variable return but something wrong in php.but it is surprise that no error reported
Phil J Pearson 12-Sep-23 10:19am    
It is NOT an error to return no rows when there are no matching rows to return.
You don't seem to be setting $pwd to anything but you expect it to match a value in your table.

1 solution

The reason it returns a count of zero is simple: there are no matching rows.
That could be because it's the wrong table, the wrong DB, or (most likely) that the parameter value doesn't exactly match the cell content.

Sop start with the debugger, and look at exactly what $pwd contains, then compare that to the row you think you should match with. Unless they are identical it will not match, and zero rows will be returned.

But you shouldn't do it like that: Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^] - the code is C~, but the principle is the same for PHP but even easier because this exists: PHP: password_hash - Manual[^]

And remember: if you have any European Union users then GDPR applies and that means you need to handle passwords as sensitive data and store them in a safe and secure manner. Text is neither of those and the fines can be .... um ... outstanding. In December 2018 a German company received a relatively low fine of €20,000 for just that.
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900