目前我正在使用以下代码:
$sql = sprintf("SELECT * FROM users WHERE email = '%s' and password = '%s'", $email, $password);
我想完成以下任务:
$sql = sprintf("SELECT * FROM database1.users AND database2.users WHERE email = '%s' and password = '%s'", $email, $password);
我需要检查两个表中是否存在用户。
有关如何处理此事的任何建议吗?
答案 0 :(得分:2)
您可以使用UNION组合两个查询:
SELECT * FROM database1.users WHERE email = '%s' and password = '%s'
UNION
SELECT * FROM database2.users WHERE email = '%s' and password = '%s'
答案 1 :(得分:0)
您的查询可以如下:
SELECT table1.*, table2.* FROM table1 JOIN table2
ON table1.userID=table2.userID WHERE email=? AND password=? LIMIT 1
将变量附加到SQL查询是非常危险的,虽然您在使用sprintf时很有意义,但它无法实现您的意图。使用prepared statement来正确防范SQL注入。
答案 2 :(得分:0)
SELECT IF(A.UserFound*B.UserFound=0,'No','Yes') Authenticated
FROM
(
SELECT COUNT(1) UserFound FROM database1.users
WHERE email = '%s' and password = '%s'
) A,
(
SELECT COUNT(1) UserFound FROM database2.users
WHERE email = '%s' and password = '%s'
) B;