嘿,我正在尝试验证我的xml文件中的用户名和密码是否与我的数据库中的用户名和密码相同,但mysql_num_rows为零。所以我的SELECT查询一定有问题。 这是我的代码:
public function verifyDB()
{
//connection to database
mysql_connect('localhost','root','') or die(mysql_error());
mysql_select_db('proiect_is') or die(mysql_error());
$data =mysql_query("SELECT id FROM users WHERE userName ='$this->xml->parameters->username' AND password ='$this->xml->parameters->pass'");
//we check if any row was returned
echo $data;
echo $this->xml->parameters->username."<BR>";
echo $this->xml->parameters->pass."<BR>";
print_r(mysql_num_rows($data));
if (mysql_num_rows($data))
{
$row = mysql_fetch_assoc($data);
$this->_id= $row['id'];
echo $row;
return true;
}
else
{return false;}
}
这是我的xml登录文件:
<xml version="">
<action>log_in</action>
<parameters>
<username>Ionel P</username>
<pass>abdef01</pass>
</parameters>
</xml>
答案 0 :(得分:8)
如果要在字符串中插入变量,则应使用{},如下所示:
"SELECT id FROM users WHERE userName ='{$this->xml->parameters->username}' AND password ='{$this->xml->parameters->pass}'"
这告诉解析器插入变量$this->xml->parameters->username,否则它只会尝试使用$this(并留下->xml->parameters->username作为文本,最终会出现在“ [toString-Text]中你的对象] - &gt; xml-&gt;参数 - &gt;用户名“这显然是错误的。”
答案 1 :(得分:1)
尝试:
$data =mysql_query("SELECT id FROM users WHERE userName ='".$this->xml->parameters->username."' AND password ='".$this->xml->parameters->pass."'");
答案 2 :(得分:1)
确实
$data =mysql_query("SELECT id FROM users WHERE userName ='$this->xml->parameters->username' AND password ='$this->xml->parameters->pass'");
echo mysql_error();
返回任何错误?这应该可以很好地说明问题所在。
答案 3 :(得分:1)
试试这个:
$data =mysql_query(sprintf("SELECT id FROM users WHERE userName ='%s' AND password ='%s'", mysql_real_escape_string($this->xml->parameters->username), mysql_real_escape_string($this->xml->parameters->pass)));