[英]login.php sql database
I am getting this error when my login.php file loads.. 'Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource' Heres what i have.. 我的login.php文件加载时出现此错误。“警告:mysql_num_rows():提供的参数不是有效的MySQL结果资源”这就是我所拥有的。
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
echo "Youre in!";
}
else
echo "Incorrect Password!";
}
else
die("That user doesnt exist!");
}
else
die("Please enter a username and a password!");
?>
Add this to the top of the your file 将此添加到文件的顶部
ini_set('display_errors', 'on');
error_reporting(E_ALL | E_STRICT);
This "should" show your syntax errors, in any case, your issue is syntax errors 此“应”显示您的语法错误,无论如何,您的问题是语法错误
The code below should get you a little closer to your final destination 以下代码应使您更接近最终目的地
<?
ini_set('display_errors', 'on');
error_reporting(E_ALL | E_STRICT);
if($username) {
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0) {
while ($row = mysql_fetch_assoc($query)) {
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword) {
echo "Youre in!";
} else {
echo "Incorrect Password!";
}
} else {
die("That user doesnt exist!");
}
} else {
die("Please enter a username and a password!");
}
You missed some curly brackets: 您错过了一些花括号:
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
echo "Youre in!";
}
else
echo "Incorrect Password!";
}
} else // <- THIS ONE
die("That user doesnt exist!");
}
// And here another, in a if condition that isn't started in the code you give.
else
die("Please enter a username and a password!");
?>
The server could be configured that if an error shows up, the page is left blank. 可以将服务器配置为:如果出现错误,则该页面为空白。
Some other tips for mySQL login: Never ever put an user input directly in a MySQL query statement! mySQL登录的其他一些技巧: 永远不要将用户输入直接放在MySQL查询语句中! It is then very easy to hack your site by means of SQL injection.
这样就很容易通过SQL注入来入侵您的网站。
For more details: http://www.derby-web-design-agency.co.uk/blog-post/how-to-create-a-secure-login-system-in-php-part-1/12/ 有关更多详细信息,请访问: http : //www.derby-web-design-agency.co.uk/blog-post/how-to-create-a-secure-login-system-in-php-part-1/12/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.