MySQL和PHP中的特定用戶類型
[英]Specific user type in MySQL and PHP
問題描述
我有3個用於connection.php的文件。 work.php login.php這些是我用來識別數據庫中用戶類型或管理員類型的代碼。
我使用MySQL,因為它在編碼/開發過程中是必需的,
我遇到的問題是我無法檢測到用戶類型。 您能否建議識別用戶類型的可能性。
login.php
<?php
// Try and connect to the database
include('connection.php');
$selected = mysql_select_db("wildlife",$conn)
or die("Could not select ");
//$myusername = mysql_real_escape_string($conn,$_POST['username']);
//$mypassword = mysql_real_escape_string($conn,$_POST['password']);
if(isset($_POST['user']) && isset($_POST['pass'])){
$user = $_POST['user'];
$pass = $_POST['pass'];
//$type = $_POST['type'];
// $query = mysql_query("SELECT * FROM wrd_users WHERE emp_username='$user' and emp_password='$pass'
//and emp_type = '1'");
$query = mysql_query("SELECT * FROM wrd_users WHERE emp_username='$user' and emp_password='$pass' ");
if(mysql_num_rows($query) > 0 )
{
//check if there is already an entry for that username
echo "<br>DETECTED Username AND PASS already exists!";
$query = mysql_query("SELECT emp_type FROM wrd_users WHERE emp_type = '1' ");
if(mysql_num_rows($query) > 0 )
{
//check if there is already an entry for that username
echo "<br>KING1";
}
else
{
echo "<br>QUEEN1";
}
$query = mysql_query("SELECT emp_type FROM wrd_users WHERE emp_type = '2' ");
if(mysql_num_rows($query) > 0 )
{
//check if there is already an entry for that username
echo "<br>KING2";
}
else
{
echo "<br>QUEEN";
}
}
else
{
//header("location:index.php");
echo(" No User Found");
//header('work.php');
}
}
mysql_close();
?>
connection.php
<?php
$conn = mysql_connect('localhost', 'root', '', 'wildlife');
if (!$conn)
{
die('Connect Error: ' . mysql_errno());
}
else
{
echo ("connected from connection.php");
}
?>
work.php
<?php
include('login.php');
?>
<html>
<head><title>INDETIFY THE USER TYPE</title>
</head>
<body>
<form action="login.php" method="post"> <!-- Sign In Process -->
Username: <input type="text" name="user" id="emp_username"style="width:150">
<br />
Password: <input type="password" name="pass" id="emp_password"style="width:153">
<br />
<br />
<input type="submit" value="submit">
</form>
</body>
</html>
結果,當輸入** super,super **時
2 個解決方案
解決方案1
1 2016-08-05 08:52:28
首先:不再使用mysql_*函數。 相關問題: 為什么我不應該在PHP中使用mysql_ *函數? 而是使用mysqli_*函數或PDO數據庫擴展來連接到MySQL數據庫。
第二:您的實現是錯誤的。 您的函數mysql_num_rows將始終只返回一行,因為您在查詢中所說的只是“給我emp_type為1的所有行”(或2)。 但這將始終返回一行,因為您具有emp_type 1的行。像這樣編輯查詢:
$result = mysql_query("SELECT emp_type FROM wrd_users WHERE emp_username = '$user'");
之后,您可以讀取結果的emp_type記錄中的內容。
更好的方法是轉義您輸入的信息以防止sql-injection:
$result = mysql_query("SELECT emp_type FROM wrd_users WHERE emp_username = '".mysql_real_escape_string($user)."'");
但是請記住不要再使用mysql_ *了!
解決方案2
0 2016-08-05 08:42:11
試試這個代碼
$query = mysql_query("SELECT *
FROM wrd_users
WHERE emp_username='$user'
and emp_password='$pass' ");
if(mysql_num_rows($query) > 0 )
{
//check if there is already an entry for that username
$row=mysql_fetch_array($query);
if($row['emp_type']=='1')
{
echo "<br>KING1";
}
if($row['emp_type']=='2')
{
echo "<br>KING2";
}
}
else
{
//header("location:index.php");
echo(" No User Found");
//header('work.php');
}
mysql SUM()和php表中針對特定用戶的動態行不起作用
[英]mysql SUM() and dynamic rows in php table for a specific user not working
如何將用戶輸入的特定元素與數據庫匹配? -php / mysql / ajax
[英]How to match specific elements that user enters with database? -php/mysql/ajax
PHP如何使用localhost用戶和特定綁定地址連接到mysql
[英]How Can PHP connect to mysql with localhost user and specific bind address
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.