在第17行上,我收到此错误,并且不确定该如何纠正。似乎与mysqli调用查询函数有关。
if (isset($_POST['un'])) {
$user = sanitizeString($_POST['un']);
$pass = sanitizeString($_POST['pw']);
if($user == "" || $pass == "")
$error = "Not all fields were entered";
}
else{
$sql = "SELECT username, password FROM `Info` WHERE username = '$user'AND pass = '$pass'";
$result = mysqli->query($sql);
if($result->num_rows == 0){
$error = "Invalid login attempt";
}
else {
$_SESSION['un'] = $user;
$_SESSION['pw'] = $pass;
die("You are now logged in.");
}
}```
HP Parse error: syntax error, unexpected '->' (T_OBJECT_OPERATOR) in /Applications/MAMP/htdocs/onsubmitlogin.php on line 17
I tried to read and debug the code myself but I don't recognize a syntactical error
答案 0 :(得分:1)
我不知道您在哪里创建了数据库连接对象。在执行查询之前,您必须创建一个连接对象然后进行查询。示例:
$mysqli = new mysqli("your_host", "your_user", "your_password", "your_db_name");
$sql = "SELECT username, password FROM `Info` WHERE username = '$user'AND pass = '$pass'";
$result = $mysqli->query($sql);
您的代码有语法错误。代码行是:
$result = mysqli->query($sql);
// ^^^^^^^
这里mysqli应该是连接对象。
为了清楚地理解reference。
还建议您bind您的参数来进行无风险( SQL注入)查询。示例:
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("ss", $user,$pass);
$stmt->execute();