[英]Cannot return correct result from SQL query in PHP
I have created a table and there are some data inside 我创建了一个表,里面有一些数据
however, by using the following link, i always get the result of {"flag":"0","msg":"Incorrect id."}, no matter the id is correct or not 但是,通过使用以下链接,无论ID是否正确,我总是得到{“ flag”:“ 0”,“ msg”:“ Invalid id。”}的结果
i wondering where the problems happen? 我想知道问题在哪里发生? thanks 谢谢
http://mydomain.com/ajax_login_json.php?user_name=admin&password=admin http://mydomain.com/ajax_login_json.php?user_name=admin&password=admin
<?php session_start();
//Connect to database from here
$link = mysql_connect('****', '****', '****');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
//select the database | Change the name of database from here
mysql_select_db('****');
//get the posted values
$user_name=htmlspecialchars($_POST['user_name'],ENT_QUOTES);
$pass=$_POST['password'];
//now validating the username and password
$sql="SELECT user_name, password FROM tbl_user WHERE user_name='".$user_name."'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
printf("Select returned %d rows from tbl_user.\n", $result->num_rows);
//if username exists
if(mysql_num_rows($result)>0)
{
//compare the password
if(strcmp($row['password'],$pass)==0)
{
// Return success message
$message = array("flag" => "1", "msg" => "Login successfully.");
echo json_encode($message);
//Regenerate session ID to prevent session fixation attacks
//session_regenerate_id();
//now set the session from here if needed
//$_SESSION['u_name']=$user_name;
//$member=mysql_fetch_assoc($result);
//$_SESSION['u_id']=$member['id'];
//$name_show=$member['first_name'].' '.$member['last_name'];
//$_SESSION['name']=$name_show;
//Write session to disc
//session_write_close();
}
else
// Return error message
$message = array("flag" => "0", "msg" => "Incorrect password.");
echo json_encode($message);
}
else //if username not exists
{ // Return error message
$message = array("flag" => "0", "msg" => "Incorrect id.");
echo json_encode($message);
}
mysql_close($link);
?>
It seems 它似乎
$sql="SELECT user_name, password FROM tbl_user WHERE user_name='".$user_name."'";
result is 0 if you don't get any db connection error. 如果没有任何数据库连接错误,则结果为0。 Try to print $user_name
to see if it is in your DB table first. 尝试打印$user_name
,首先查看它是否在数据库表中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.