mysql_fetch_assoc - 不显示结果

时间:2013-08-03 01:28:36

标签: php mysql login

我正在尝试使用mysql_fetch_assoc()从我的数据库中检索我的结果,但是当我回显以下(纯白屏幕)时,我似乎没有得到任何结果:

$email_address = $_POST['email_address'];
    $password = $_POST['password'];

    if(login($email_address, $password)){
        $query = mysql_query("SELECT * FROM `users` WHERE `email_address` = '$email_address' AND `password` = '$password'");
        $row = mysql_fetch_assoc($query);
        echo $row['email_address'];
    }else{
        echo "Invalid login";
    }

3 个答案:

答案 0 :(得分:0)

您可以尝试以下内容,

if (isset($_POST['email_address']) && isset($_POST['password'])) {

$email_address = $_POST['email_address'];
$password = $_POST['password'];

//conection:
$con= mysqli_connect("hostname","username","password","database") or die("Error " . mysqli_error($link));

//query:
$query = mysql_query("SELECT * FROM users WHERE users.email_address = '$email_address' AND users.password = '$password'");

//display information:
$row = mysql_fetch_assoc($query);

if($email_address == $row['email_address'] && $password == $row['Password']){
echo $row['email_address'];
}else{
echo "Invalid login";
}
}

答案 1 :(得分:0)

尝试if($query==NULL) {/* handle error */}来捕获连接/数据库错误。

然后

$nrows=mysql_num_rows($query); //get the number of rows returned
if($nrows==0) //no match
else if($nrows==1) //match
else {/*more than 1 rows, probably sql injection */}

也就是说,远离已弃用的MySQL扩展并改为使用MySQLi。如果您打算在任何时间点公开网站,也请hash your passwords,最好是bcrypt。请参阅this video,了解为什么不应使用简单哈希函数(甚至是盐渍函数)来散列密码以及为什么要使用KDF来简要概述。

最后,您的代码对SQL注入开放。 See this question关于如何防范它。

作为旁注,有些人避免做SELECT *,因为

  • 架构可能会在以后更改
  • 它为您提供了可能不需要的列,因此需要额外的传输/处理时间
  • 选择所需的列会增加代码清晰度

答案 2 :(得分:0)

将您的查询更改为此内容,添加die(mysql_error())以检查您的查询中是否有任何错误:

$email_address = $_POST['email_address'];
$password = $_POST['password'];

if(login($email_address, $password)){
    $query = mysql_query("SELECT * FROM `users` WHERE `email_address` = '$email_address' AND `password` = '$password'") or die(mysql_error());
    $row = mysql_fetch_assoc($query);
    echo $row['email_address'];
} else {
    echo "Invalid login";
}