0

I want to display data from RowCount in PHP, but the result is always false, like:

```
{"status":false,"message":"Invalid Username and Password!"}
```

Everything is OK without RowCount, but I cannot validate when the input is a wrong password / wrong username. Here is my Login function in the master class:

```php
public function Login($username,$password)
{
    // select all query
    try {
        // Statement
        $sqlsrvquery = "
        EXEC [dbo].[GetAllAdmin2] 
        @username = ?, 
        @password = ?";
        $stmt = $this->conn->prepare($sqlsrvquery);
        $stmt->bindParam(1, $username, PDO::PARAM_STR);
        $stmt->bindParam(2, $password, PDO::PARAM_STR);
        $stmt->execute();
        if ($stmt->rowCount() > 0) {
            while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                $admin_arr = array(
                    "status" => true,
                    "username" => $row['username'],
                    "password" => $row['password'],
                );
            }
        } else {
            $admin_arr = array(
                "status" => false,
                "message" => "Invalid Username and Password!",
            );
        }
    } catch (Exception $e) {
        print_r($e->getMessage());
    }
    print_r(json_encode($admin_arr));
}
```

My question is: can SQL Server use RowCount? Thanks

Blanc Chen
  • But I need validation for a wrong username and a wrong password – Blanc Chen Jan 20 '21 at 12:32
  • Because I'm using MySQL, it's working properly. But SQL Server cannot – Blanc Chen Jan 20 '21 at 12:33
  • 2
    **Never store passwords in clear text or using MD5/SHA1!** Only store password hashes created using PHP's [`password_hash()`](https://php.net/manual/en/function.password-hash.php), which you can then verify using [`password_verify()`](https://php.net/manual/en/function.password-verify.php). Take a look at this post: [How to use password_hash](https://stackoverflow.com/q/30279321/1839439) and learn more about [bcrypt & password hashing in PHP](https://stackoverflow.com/a/6337021/1839439) – Dharman Jan 20 '21 at 12:33

1 Answer

0

Just don't use rowCount() at all. You don't need it. You also don't need that useless try-catch and the while loop. When you remove all of the redundant stuff your code should look something like this:

```php
public function Login($username,$password)
{
    // Statement
    $sqlsrvquery = "
        EXEC [dbo].[GetAllAdmin2] 
        @username = ?, 
        @password = ?";
    $stmt = $this->conn->prepare($sqlsrvquery);
    $stmt->bindParam(1, $username, PDO::PARAM_STR);
    $stmt->bindParam(2, $password, PDO::PARAM_STR);
    $stmt->execute();
    // fetch() returns false when the procedure returned no row
    if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        $admin_arr = array(
            "status" => true,
            "username" => $row['username'],
            "password" => $row['password'],
        );
    } else {
        $admin_arr = array(
            "status" => false,
            "message" => "Invalid Username and Password!",
        );
    }
    print_r(json_encode($admin_arr));
}
```
Dharman
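The check recommended in the comment on the question, as an added example that is not code from the question or the answer: the account is fetched by username only, the password is compared with `password_verify()`, and the no-row case is decided by `fetch()` returning false instead of `rowCount()`. The in-memory SQLite table, the `admins` schema, the `login()` helper and the sample credentials are assumptions made so that it runs stand-alone; they stand in for the SQL Server procedure.

```php
<?php
declare(strict_types=1);

// Assumption: an in-memory SQLite table stands in for the SQL Server
// procedure; the row and its password are constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE admins (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
$pdo->prepare('INSERT INTO admins VALUES (?, ?)')
    ->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT)]);

/**
 * Hypothetical login(): look the account up by username only, then compare
 * the submitted password with the stored hash in PHP.
 */
function login(PDO $pdo, string $username, string $password): array
{
    // Hash checked when the username is unknown, so both failure paths do
    // the same amount of work. Computed once per process.
    static $dummyHash = null;
    $dummyHash ??= password_hash('placeholder', PASSWORD_DEFAULT);

    $stmt = $pdo->prepare('SELECT username, password_hash FROM admins WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC); // false when no row; no rowCount() needed

    $ok = password_verify($password, $row ? $row['password_hash'] : $dummyHash);
    if (!$row || !$ok) {
        // One message for both cases: do not reveal which field was wrong.
        return ['status' => false, 'message' => 'Invalid Username and Password!'];
    }

    if (password_needs_rehash($row['password_hash'], PASSWORD_DEFAULT)) {
        // Upgrade the stored hash while the plaintext is available.
        $pdo->prepare('UPDATE admins SET password_hash = ? WHERE username = ?')
            ->execute([password_hash($password, PASSWORD_DEFAULT), $row['username']]);
    }
    // The response carries no password or hash.
    return ['status' => true, 'username' => $row['username']];
}

// Constructed calls: valid login, wrong password, unknown username.
echo json_encode(login($pdo, 'admin', 'correct horse')), PHP_EOL;
echo json_encode(login($pdo, 'admin', 'wrong')), PHP_EOL;
echo json_encode(login($pdo, 'nobody', 'correct horse')), PHP_EOL;
```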