堆栈内存溢出
  繁体   English   中英

密码检查 mysqli_num_rows 总是返回 0

[英]Password check mysqli_num_rows always returns 0

 原文  2019-06-16 00:28:42       php/ jquery

问题描述

我已经将以下代码写入数据库的用户名和密码。 问题是它说“密码不正确”,即使它是。 mysqli_num_rows 似乎不应该返回 0 。 请帮忙!

连接到数据库

<?php  
$servername = "localhost";
$username = "root";
$password = "mysql";
$dbname = "Inventorydb";

$conn = new mysqli($servername, $username, $password, "Inventorydb");

// check the connection
if($conn === false)
{
    die("ERROR: Could not connect. " . mysqli_connect_error());
}
else 
{
    echo ("successfully connected to the database Inventorydb");
    echo "<br />";
}              
?>

登录php代码

<?php 
// Parse the log in form if the user has filled it out and pressed "LogIn"
if (isset($_POST["username"]) && isset($_POST["password"])) 
{
    // filter everything but numbers and letters
    $manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]);

    // filter everything but numbers and letters
    $password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]);

    // Connect to the MySQL database  
    include "../storescripts/connect_to_mysql.php"; 

    // query the person
    $sql = "SELECT id 
            FROM admin 
            WHERE username='$manager' 
              AND password='$password' 
            LIMIT 1";

    $result = mysqli_query($conn,$sql);

    // ------- MAKE SURE PERSON EXISTS IN DATABASE ---------
    // count the row nums
    $existCount = mysqli_num_rows($result); 

    echo $existCount;

    if ($existCount == 1) 
    { 
        // evaluate the count
        while($row = mysql_fetch_array($result))
        { 
            $id = $row["id"];
        }

        $_SESSION["id"] = $id;
        $_SESSION["manager"] = $manager;
        $_SESSION["password"] = $password;
        header("location: index.php");
        exit();
    } 
    else 
    {
        echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
        exit();
    }
}
?>

1 个解决方案

解决方案1
 0 已采纳  2019-06-16 00:46:09

您的

include "../storescripts/connect_to_mysql.php"; 


$password = "mysql";

在它所以

$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]);

被覆盖。 也不要使用纯文本密码和参数化您的查询。

看:

  1. https://www.php.net/manual/en/ref.password.php
  2. https://php.net/manual/en/mysqli.quickstart.prepared-statements.php

要解决您的问题,请重命名脚本中的变量,或者更早地包含数据库连接。

此外

mysql_fetch_array

不会与mysqli并且将来可能会给您带来致命错误。 到处使用mysqli函数。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 mysqli_num_rows始终为1 MySQL和PHP,mysqli_num_rows始终返回0 mysqli_num_rows总是返回0 MYSQLI_NUM_ROWS始终返回0 mysqli_num_rows()总是抛出错误 mysqli_num_rows函数返回1而不是0 mysqli_num_rows不管什么都返回1 准备好的语句上的 mysqli_num_rows 返回 0 检查数据库中是否存在mysqli_num_rows mysqli_num_rows在PHP中始终显示1(工作台显示正常)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM