Assign Values to Variables w Prepared Statement

I am working on a Log-In script.

Here is what I have so far…

	// Build query.
	$q = 'SELECT id, email, first_name
			FROM member
			WHERE email=? AND pass=?';

	// Prepare statement.
	$stmt = mysqli_prepare($dbc, $q);

	// Bind variable.
	mysqli_stmt_bind_param($stmt, 'ss', $email, $pass);

	// Execute query.

	// Transfer result set from prepared statement.
	// (You must call for every query that successfully produces a result set.)
	// Check for Member Record.
	if (mysqli_stmt_num_rows($stmt)==1){
		// Member found.
		do something here?!

I would like to assign the id and first_name to variables so I can use them later (e.g. to display “Welcome <first_name>!”).


I’m not an expert in this nor that i’ve ever used msqli but as far as i know here’s how it goes…

if(isset($_POST['email']) and isset $_POST['password']))
$login = mysql_real_escape_string(stripslashes(strip_html($_POST['email'])));
$pass = mysql_real_escape_string(stripslashes(strip_html($_POST['password'])));

$q = "SELECT id, email, first_name
	FROM member WHERE email='$email'
	AND pass='$pass'";

$qQuery = mysqli_prepare($dbc, $q);

//after you finish off your code *again i never used mysqli at all*

// Check for Member Record.

    if (mysqli_stmt_num_rows($stmt)==1){

        // Member found.
	$_SESSION['id']              = $id;
	$_SESSION['email']         = $email;
	$_SESSION['first_name'] = $first_name;

//now all you need is

echo "Welcome" . $_SESSION['first_name'];

on your div/table where the Greeting goes.


I am using Prepared Statements so I don’t believe the way you posted will work.