PHP MYSQLI行数不起作用没有错误 [英] PHP MYSQLI number of rows doesnt work no errors
问题描述
当用户单击登录checklogin.php时,我有一个登录表单,它应该检查用户名和密码是否匹配数据库上的任何记录,如果为true,则其他操作会打印错误的密码或用户名
I have a login form when user clicks login checklogin.php is called and it should check username and password matches any record on database if true do something else print wrong password or username
到目前为止,即使用户名和密码正确,我也得到了错误的密码用户名.我进行了一些更改,但现在没有回声,printf或错误
So far i get wrong password username even though it is correct username&&password. I have made somechanges but now no echo, printf or error
我该如何解决此问题?
表格
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
checklogin.php
checklogin.php
<?php
$mysqli = new mysqli('localhost', 'root', 'password', 'aiesec');
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysqli_real_escape_string($myusername);
$mypassword = mysqli_real_escape_string($mypassword);
// If result matched $myusername and $mypassword, table row must be 1 row
$sql = "SELECT * FROM members WHERE username='$myusername' and password='$mypassword";
if($result = mysqli->query($sql, MYSQLI_USE_RESULT))
{
printf("Errormessage: %s\n", $mysqli->error);
echo $result->num_rows; //zero
while($row = $result->fetch_row())
{
printf("Errormessage: %s\n", $mysqli->error);
echo $result->num_rows; //incrementing by one each time
}
echo $result->num_rows; // Finally the total count
}
if($row==1){
echo "correct username and pass";
// Register $myusername, $mypassword and redirect to file "login_success.php"
// session_register("myusername");
//session_register("mypassword");
//header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
mysqli_close();
?>
我也尝试过
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysqli_query($sql);
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);
推荐答案
为确保您看到所有PHP错误,请在脚本顶部添加以下代码:
To be sure you see all PHP errors, add this code on top of your script:
error_reporting(E_ALL);
ini_set('display_errors', 1);
您必须更正对mysqli_real_escape_string的呼叫.根据文档,必须有两个参数,第一个参数必须是MySQL链接.在您的情况下,该链接为$ mysqli.
You must correct your calls to mysqli_real_escape_string. According to the documentation, there must be two parameters, and the first parameter must be a MySQL link. In your case that link would be $mysqli.
另外,替换:
if($row==1){
具有:
if($result->num_row==1){
您误解了$ result-> num_rows是什么:它包含查询返回的总行数,其结果存储在$ result中.因此,在循环中检查$ result-> num_rows的值是没有用的,在该循环中检索查询返回的所有记录.
You are misunderstanding what $result->num_rows is: it contains the TOTAL number of rows returned by the query whose result is stored in $result. So, it is useless to check the value of $result->num_rows inside the loop where you retrieve all records returned by the query.
我从您的query()中删除了常量MYSQLI_USE_RESULT,因为有关mysqli_query的文档说:
如果您使用MYSQLI_USE_RESULT,则所有后续调用将返回不同步的错误命令,除非您调用mysqli_free_result().
I removed the constant MYSQLI_USE_RESULT from your query() because the documentation for mysqli_query says:
If you use MYSQLI_USE_RESULT all subsequent calls will return error Commands out of sync unless you call mysqli_free_result().
新代码:
<?php
$mysqli = new mysqli('localhost', 'root', 'password', 'aiesec');
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// cleanup POST variables
$myusername = mysqli_real_escape_string($mysqli, stripslashes(trim($_POST['myusername'])));
$mypassword = mysqli_real_escape_string($mysqli, stripslashes(trim($_POST['mypassword'])));
// If result matched $myusername and $mypassword, table row must be 1 row
$sql = "SELECT * FROM members WHERE username='$myusername' and password='$mypassword'";
$result = mysqli->query($sql);
if($mysqli->errno<>0)
die("Errormessage: %s\n", $mysqli->error);
echo $result->num_rows;
if($result->num_rows==1){
echo "correct username and pass";
// Register $myusername, $mypassword and redirect to file "login_success.php"
// session_register("myusername");
//session_register("mypassword");
//header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
mysqli_close();
?>
这篇关于PHP MYSQLI行数不起作用没有错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
