我是php的新手,试图学习一些东西。我正在尝试编写一个脚本,允许用户在验证个人信息后重置密码。除了这个PHP脚本,一切都很好。此脚本从表单输入字段接收数据。该计划应该输出:
echo $e.'&u='. $us .'&er='.$err.'&o='. $bulls3 .'&r='.$bulls4;
exit();
可以作为respondText发送到ajax。 问题是这个PHP脚本没有按预期工作,并给我以下错误消息。有没有人可以帮助我。任何帮助将非常感谢。提前感谢您的帮助..
错误输出消息:
警告:mysqli_num_rows()要求参数1为mysqli_result,在第119行的C:\ xampp \ htdocs \ myGenius \ identityverify.php中给出布尔值 接触
<?php
// AJAX CALLS THIS CODE TO EXECUTE
if(isset($_POST["bd"])){
$bad= preg_replace('#[^0-9-]#i', '', $_POST['bd']);
//Connect to database
include_once("php_includes/connect_to_mysqli.php");
$e = mysqli_real_escape_string($db_conx,$_POST['e']);
$c= preg_replace('#[^a-z ]#i', '', $_POST['c']);
$post= preg_replace('#[^a-z0-9]#i', '', $_POST['pst']);
$user= preg_replace('#[^a-z0-9]#i', '', $_POST['us']);
$odd= preg_replace('#[^a-z0-9]#i', '', $_POST['od']);
if($e =="" || $bad =="" || $c=="" ||$post==""){
echo "empty";
exit();
}else if($user=="" || $odd==""){
echo "no_exist";
exit();
}else{
$sql = "SELECT id, username FROM user WHERE email='$e' AND activated='1' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$id = $row["id"];
$u = $row["username"];
//Encrypted values to check with user input passed from hidden fields
//Check codes
$bull= value1;
$bull2= value2;
$bull3= value3;
$bull3=value4;
$us= value5;
$err= value6;
}
if($user==$us && $odd==$err){
$sql = "SELECT country, birthday, postal FROM useroptions WHERE email='$e' AND username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
while($row = mysqli_fetch_array($query, MYSQLI_ASSOC)){
$con = $row["country"];
$bday = $row["birthday"];
$poost = $row["postal"];
}
if($c == $con && $bad == $bday && $post==$poost){
// encoded value using some type of encryption for passing data to another web page based on user information data
$bulls= value1;
$bulls2= value2;
$bulls1=value3;
$bulls3= value4;
$bulls4= value5;
$bulls3=value6;
$bulls4=value7;
echo $e.'&u='. $us .'&er='.$err.'&o='. $bulls3 .'&r='.$bulls4;
exit();
}else{
echo "wrong";
exit();
}
}else {
echo "contact";
exit();
}//user option not set
}else{
echo "no_exist";
exit();
}//end code comparison and send to error page
}else{
echo "no_exist";
exit();
}
exit();
}}
?>
答案 0 :(得分:0)
我总是使用两个查询,而不是让服务器返回匹配
的所有内容select count(*) from database where condition='expected';
if()
子句执行第二次查询。由于我的主查询尚未执行,因此提供了注射预防措施。
尝试替换
if(isset($_POST["bd"])){
使用
if(!empty($_POST["bd"])){