'login' 脚本中令人困惑的 SQL 查询问题



我在PHP和WampServer上遇到了问题。这是我第一次做这样的事情,我真的很困惑,因为我找到的每个例子要么根本不起作用,要么没有任何输出。你能帮忙吗?

<?php
// Login attempt exactly as posted in the question; the code is left untouched and its defects are marked inline.
require_once "connect.php"; // expected to define $host, $db_user, $db_password and $db_name (file not shown)
// "@" silences connection warnings and the connect_error check below is commented out,
// so nothing in this script verifies that the connection succeeded.
$connection = @new mysqli($host, $db_user, $db_password, $db_name);
//if($connection->connect_error)
//{
//  echo "Nie można połączyć się z bazą danych";
//  (Polish: "Cannot connect to the database")
////} else
//{
    // BUG: isset() is given a quoted string literal instead of $_POST['mail']; PHP refuses isset()
    // on an expression. Even with the variable, isset() yields a boolean, not the submitted value.
    $mail = isset('$_POST[mail]');
    // BUG: same mistake as on the previous line.
    $haslo = isset('$_POST[haslo]');
    // BUG: "sql" lacks the leading "$", so this line is a parse error and the script never runs.
    // Request values are interpolated straight into the SQL text; once the lines above are fixed this
    // is open to SQL injection, which a prepared statement with bound parameters prevents.
    // NOTE(review): haslo is compared as typed, which suggests the column is not a password hash — confirm.
    sql = "SELECT * FROM users WHERE mail='$mail' AND haslo='$haslo'";
    // "@" hides any query error, so a failing query produces no output at all.
    if ($result = @$connection->query($sql))
    {
        // Number of rows matching the mail/haslo pair.
        $user = $result->num_rows;
        if($user>0)
        {
            $row = $result->fetch_assoc();
            // $user is reassigned from the row count to the mail value; it is not used afterwards in this script.
            $user =  $row['mail'];
            // header() only sends the redirect header; the script keeps running down to the close() calls.
            // NOTE(review): no session is started here, so nothing records who logged in — confirm how user.php checks access.
            header('Location:user.php');
            $result->close();
        } else {
            // Polish: "You entered wrong data" — one message regardless of which field was wrong.
            echo"Podałeś złe dane";
        }
    }
    $connection->close();
//  }
?> 

欢迎来到 SO。

请在代码中找到以下更正:

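<?php
// Login handler: checks the submitted mail/haslo pair against the users table
// and redirects to user.php when a matching row exists.
require_once "connect.php"; // expected to define $host, $db_user, $db_password and $db_name

// "@" keeps a failed connection from printing a warning into the page; the failure is
// handled explicitly below (on PHP versions where mysqli throws, the constructor raises instead).
$connection = @new mysqli($host, $db_user, $db_password, $db_name);
if ($connection->connect_error)
{
    echo "Nie można połączyć się z bazą danych";
    exit;
}

// Added ternary operator and properly placed single quotes.
// A non-string value (for example an array) is treated as missing.
$mail = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
$haslo = (isset($_POST['haslo']) && is_string($_POST['haslo'])) ? $_POST['haslo'] : ''; // Same as above

// Replaced sql by $sql as pointed out in comments.
// The request values are bound as parameters instead of being interpolated into the SQL text,
// so they can never change the structure of the query (SQL injection).
// NOTE(review): haslo is matched as typed, which suggests the column does not hold a password
// hash — confirm; if so, store password_hash() output and check it with password_verify().
$sql = "SELECT mail FROM users WHERE mail = ? AND haslo = ?";

if ($stmt = $connection->prepare($sql)) // No @ (error suppressor); failures are logged below.
{
    $stmt->bind_param('ss', $mail, $haslo);
    // get_result() needs the mysqlnd driver.
    if ($stmt->execute() && ($result = $stmt->get_result()))
    {
        $user = $result->num_rows;
        if ($user > 0)
        {
            $row = $result->fetch_assoc();
            $user =  $row['mail'];
            // Release everything before redirecting, then stop so nothing else runs or is sent.
            $result->close();
            $stmt->close();
            $connection->close();
            // NOTE(review): no session is started here, so nothing records who logged in —
            // user.php has to enforce its own access check; confirm.
            header('Location:user.php');
            exit;
        } else {
            // One message regardless of which field was wrong.
            echo"Podałeś złe dane";
        }
        $result->close();
    } else {
        // Keep the database error out of the response; record it server-side only.
        error_log('Login query failed: ' . $stmt->error);
    }
    $stmt->close();
} else {
    error_log('Login query could not be prepared: ' . $connection->error);
}
$connection->close();
?> 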
有一些检查需要按以下方式更新,才能获取用于后续操作的输出值。

更新:

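<?php
// Login handler: looks up the submitted mail/haslo pair and redirects to user.php on a match.
require_once "connect.php"; // expected to define $host, $db_user, $db_password and $db_name

// "@" keeps a failed connection from printing a warning into the page; the failure is
// handled explicitly below (on PHP versions where mysqli throws, the constructor raises instead).
$connection = @new mysqli($host, $db_user, $db_password, $db_name);
if ($connection->connect_error)
{
    echo "Nie można połączyć się z bazą danych";
    exit;
}

// Read the submitted values; anything missing or non-string becomes an empty string.
$mail = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
$haslo = (isset($_POST['haslo']) && is_string($_POST['haslo'])) ? $_POST['haslo'] : '';

// The variable needs its "$" (a bare "sql" is a parse error). Placeholders replace the
// interpolated request values so that input cannot alter the query (SQL injection).
// NOTE(review): haslo is matched as typed, which suggests the column does not hold a password
// hash — confirm; if so, store password_hash() output and check it with password_verify().
$sql = "SELECT mail FROM users WHERE mail = ? AND haslo = ?";

$stmt = $connection->prepare($sql);
if ($stmt)
{
    $stmt->bind_param('ss', $mail, $haslo);
    // get_result() needs the mysqlnd driver.
    $result = $stmt->execute() ? $stmt->get_result() : false;
    if ($result)
    {
        $user = $result->num_rows;
        if (isset($user) && $user > 0)
        {
            $row = $result->fetch_assoc();
            $user =  $row['mail'];
            // Release everything before redirecting, then stop so nothing else runs or is sent.
            $result->close();
            $stmt->close();
            $connection->close();
            // NOTE(review): no session is started here, so nothing records who logged in —
            // user.php has to enforce its own access check; confirm.
            header('Location:user.php');
            exit;
        } else {
            // One message regardless of which field was wrong.
            echo"Podałeś złe dane";
        }
        $result->close();
    } else {
        // Errors are logged server-side instead of being hidden with "@" or shown to the visitor.
        error_log('Login query failed: ' . $stmt->error);
    }
    $stmt->close();
} else {
    error_log('Login query could not be prepared: ' . $connection->error);
}
$connection->close();
?> 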
