各位新人大家好，我试图弄清楚为什么我的代码在我的 $loginresult 不 = 1 时返回“登录成功”。这是我第一次尝试使用我的登录系统实现准备好的语句以避免 SQL 注入，并且很好奇是否问题在于我是如何写的。我可以肯定地说，当我成功登录时，我的值为 1，不成功则为 5。每当它是 5 时，它仍然返回与 1 应该返回的相同的回显。感谢大家的时间和耐心。<?php session_start(); ?><!DOCTYPE html><head>  <title>Login</title></head><body><?phpinclude('config.php');$conn = sqlsrv_connect($serverName, $conn_array);  $myparams['username'] = $_POST['username'];  $myparams['password'] = $_POST['password'];      // All checks done already (including password check). Begin building prepare statement.    $sql = "SET ANSI_NULLS ON    SET QUOTED_IDENTIFIER ON    SET CONCAT_NULL_YIELDS_NULL ON    SET ANSI_WARNINGS ON    SET ANSI_PADDING ON    exec LoginScript @in_accountname=?,@in_password=?        ";//Array for prep$procedure_params = array(        array(&$myparams['username'], SQLSRV_PARAM_IN),        array(&$myparams['password'], SQLSRV_PARAM_IN));/* Prepare the statement. */if( $stmt = sqlsrv_prepare( $conn, $sql, $procedure_params)){     // echo "Statement was successfully prepared.\n";} else{      echo "Statement could not be prepared.\n";     // ( print_r( sqlsrv_errors(), true)); ACTIVATE ONLY FOR DEBUGGING TO PREVENT HELPING SQL INJECTORS}/* Execute the statement. */if( sqlsrv_execute( $stmt)){     // echo " Statement executed.\n";}else{      echo " Unable to execute prepared statement!\n";     // ( print_r( sqlsrv_errors(), true));}//checkuser$result = sqlsrv_prepare( $conn, $sql, $procedure_params);$info=sqlsrv_fetch_array($stmt);$LoginResult = $info;//Login Successif (!$LoginResult=1){    echo "Login DEAD.";    echo "Login Result: ".$info[0]."\n"; }else{    echo "Login Successful.";    echo "Login Result: ".$info[0]."\n"; }/* Free the statement and connection resources. */sqlsrv_free_stmt($stmt);sqlsrv_close($conn);?>```