Question

使用下面的代码，我能够在表格中显示每个用户名和试用版1/0标志。我想要做的只是为现有用户显示数据，所以我可以说“Hello USERNAME，你有TRIAL访问......”等等......

我们使用标准HTACESS作为un / pass进入信息区域。

此处需要更改哪些内容才能显示现有用户的会话？

<?PHP

$user_name = "blahblahblah";
$password = "blahblahblah";
$database = "blahblahblah";
$server = "127.0.0.1";

$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);

if ($db_found) {

$SQL = "SELECT * FROM member_auth";
$result = mysql_query($SQL);

while ( $db_field = mysql_fetch_array($result) ) {

print $db_field['username'] . " : ";
print $db_field['trial'] . " <br> ";

}

mysql_close($db_handle);

}
else {

print "Database NOT Found ";
mysql_close($db_handle);

}

?>

Answer 1

请不要使用mysql_ functions ..在这里查看PDO或MySQLi：http://www.phptherightway.com/#databases

更新您的查询以仅返回特定用户结果。

使用表单POST：

$username = mysql_real_escape_string($_POST["username"]);
$password = mysql_real_escape_string($_POST["password"]);

使用网址参数：

$username = mysql_real_escape_string($_GET["username"]);
$password = mysql_real_escape_string($_GET["password"]);

因此，您的SQL查询现在将如下所示：

$SQL = "SELECT * FROM member_auth WHERE username = '" . $username . "' AND password = '" . $password . "'";

将SQL查询减少到特定会话

1 个答案: