[英]update and select from a database table
我有两个数据库表,“用户”有3列(id,[自动递增]用户名和捏),另一个表是“别针”,只有一列(从零开始)我的表
USER
Id username Pinc
1 Josh
2 Angela
3 Chika
PINS
scratches
123456
234515
124564
我想要一种情况,当用户通过表单提交密码时,它将在pins表中检查是否存在此类数据,如果存在,它将使用表单post更新我的用户表的pinc列,并使用它。 如果引脚表中不存在该引脚,则会出现错误“很抱歉,该引脚不存在”。 我的密码
$sql = "SELECT * FROM pins WHERE scratches = '" .' $user_password '. "';";
$query = $this->db_connection->query($sql);
if ($query->num_rows== 0){
$this->errors[] = "Sorry, that PIN does not exist.";
} elseif ($query->num_rows== 1) {
$sql = "UPDATE user ".
"SET pinc = $user_password ".
"WHERE user_name = $user_name" ;
$query_new_user_insert = $this->db_connection->query($sql);
$sql = "SELECT user_name, pinc
FROM user
WHERE user_name = '" . $user_name . "' ;";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_login_status'] = 1;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
} else {
$this->errors[] = "Database connection problem.";
}
}
}
当我运行代码时,我得到“抱歉的密码不存在”。 有人可以告诉我这是怎么回事吗?
奇怪的字符串结构:
$sql = "SELECT * FROM pins WHERE scratches = '" .' $user_password '. "';";
它将从WHERE scrathes =“ $ user_password”的引脚中选择所有数据。 它将返回未找到的数据。
像这样修改它:
$sql = "SELECT * FROM pins WHERE scratches = '" . $user_password . "';";
告诉我它是如何工作的。
您正在$userpassword
含义周围使用singe quete ''
,因此您以字符串形式传递像这样更改您的第一个查询
$sql = "SELECT * FROM pins WHERE scratches = '".$user_password."';";
和您的第二个查询一样也是错误的。 因为我假设$username
是一个字符串,你需要它环绕单quete ''
这样的
$sql = "UPDATE user ".
"SET pinc = '$user_password' ".
"WHERE user_name = '$user_name'" ;//You are missing single quete here if username is a string
我不知道这还是不是问题,但是在您的第三个查询中有多余的空间。 为您的$username
contanitation后变量(点后. .
)。 如果这样不起作用,请像这样删除它
$sql = "SELECT user_name, pinc
FROM user
WHERE user_name = '".$user_name."' ;";
**
**
$sql = "SELECT * FROM pins WHERE scratches = '".$user_password ."';";
$query = $this->db_connection->query($sql);
if ($query->num_rows== 0){
$this->errors[] = "Sorry, that PIN does not exist.";
} elseif ($query->num_rows== 1) {
$sql = "UPDATE user SET pinc ='".$user_password."' WHERE user_name ='".$user_name."'" ;
$query_new_user_insert = $this->db_connection->query($sql);
$sql = "SELECT user_name, pinc FROM user WHERE user_name = '".$user_name."' ;";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_login_status'] = 1;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
}
}
}
更改:
$sql = "SELECT * FROM pins WHERE scratches = '" .' $user_password '. "';";
至
$sql = "SELECT * FROM pins WHERE scratches = '".$user_password."'";
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.