PHP mysqli查询不起作用

时间:2012-11-06 20:45:03

标签: php database login mysqli

当用户输入他们的详细信息时,他们点击登录但它不能正常工作,我与数据库的连接很好,这个文件无效,任何帮助将不胜感激,谢谢      

include '../connection.php'; //used to include connection file that is 1 level higher in the directory 

$username = $_REQUEST['username'];
$password = $_REQUEST['password'];

$fquery = 'SELECT Username FROM login LIMIT 0, 30 ';
$squery = 'SELECT Password FROM login LIMIT 0, 30 ';

$username_query = mysqli_query($dbc, $fquery);
$password_query = mysqli_query($dbc, $squery);

$username_row = mysqli_fetch_array($username_query);
$password_row = mysqli_fetch_array($password_query);

if($username == $username_row && $password == $password_row) {
    echo 'username and password correct';
}


?>

3 个答案:

答案 0 :(得分:2)

<?php

include '../connection.php'; //used to include connection file that is 1 level higher in the directory 

$username = $_REQUEST['username'];
$password = $_REQUEST['password'];

$query = 'SELECT Username FROM login WHERE Username = ? AND Password = ?';

/* set a default value to check against */
$valid_user = '';

/* use prepared statement */
$stmt = mysqli_stmt_init($dbc);
if (mysqli_stmt_prepare($stmt, $query)) {
    /* set question marks equal to values */
    mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
    mysqli_stmt_execute($stmt);

    /* get the valid username only if query is successful */
    mysqli_stmt_bind_result($stmt, $valid_user);
    mysqli_stmt_fetch($stmt);

    /* close the statment */
    mysqli_stmt_close($stmt);
}


/* check if default was overwritten */
if($valid_user != '') {
    echo 'username and password correct';
}
?>

尝试一下,应该完成你想要做的事情。

答案 1 :(得分:0)

     $username_query = mysqli_query($dbc, $fquery);
     $password_query = mysqli_query($dbc, $squery);       
     $username_row   = $username_query->fetch_array(MYSQLI_ASSOC);
     $password_row   = $password_query->fetch_array(MYSQLI_ASSOC);        

     if($username == $username_row['username'] && $password == $password_row['Password']) {
       echo 'username and password correct';
     }

答案 2 :(得分:0)

$username = mysqli_real_escape_string($dbc, $_REQUEST['username']);
$password = mysqli_real_escape_string($dbc, $_REQUEST['password']);
$query = "SELECT * FROM login WHERE Username = '$username' AND Password = '$password' LIMIT 1";

if(mysqli_num_rows($query) > 0)
    echo 'username and password correct';
相关问题
最新问题