因此,我在PHP中使用scracth构建了一个网站,并使用WAMP服务器进行测试。
所有内容都在localhost上运行,但在将代码上传到服务器后,使用数据库连接的所有内容都不起作用。
我已经检查过php中的POST是否在服务器上运行,并且它正常工作,我在谷歌搜索后改变了一些php.ini配置并且我已经完成了这个:
register_globals = off; (was default)
allow_url_fopen = on; (was default)
magic_quotes_gpc = off; (was default)
表单代码
http://i.imgur.com/k5kMx9N.png
类中的登录功能
function LoginUser($UserName, $Password)
{
//Protect from SQL Injection
$clientusername = stripslashes(mysql_real_escape_string($UserName));
$clientpassword = stripslashes(mysql_real_escape_string($Password));
$clientusername = trim($clientusername);
$clientpassword = trim($clientpassword);
if($clientusername != "" && $clientusername != "Username" && $clientpassword != "" && $clientpassword != "Password")
{
$this->ConnectToMySQL();
$sql = "SELECT * FROM Users WHERE UserName = '" . $clientusername . "' AND Password = '" . $clientpassword . "'";
$result = mysqli_query($this->DBConnection, $sql);
mysqli_close($this->DBConnection);
// Mysql_num_row is counting table row
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
if(!isset($_SESSION))
session_start();
$row = mysqli_fetch_array($result);
$_SESSION['ID'] = session_id();
$_SESSION['timeout'] = time();
session_write_close();
return("O seu login foi feito com sucesso.</br></br><a href='privatemenu.php'>Ir para o Menu</a>");
}
else return("Não foram encontrados utilizadores com os dados fornecidos.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
else return("Ocorreu um erro com a entrada dos seus dados.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
所以,问题是这个,函数总是在登录功能中返回文本“Ocorreu um erro com a entrada dos seus dados”。
我写了登录数据,按下按钮登录,帖子正在工作我用相同的表格进行了测试,并在另一个页面上回显了表格中的帖子,但是函数永远不会低于第一个if。
任何帮助都将非常感激,因为我认为这不是来自函数,我有另一个只在数据库上插入并完成相同的事情。最奇怪的是数据正确地通过了这些页面。
如果对此有任何疑问,请问我,以便我能更好地解释。
所以感谢Paddyd这里正确的代码完全正常工作:
function LoginUser($UserName, $Password)
{
//Protect from SQL Injection
$this->ConnectToMySQL();
$clientusername = stripslashes(mysqli_real_escape_string($this->DBConnection, $UserName));
$clientpassword = stripslashes(mysqli_real_escape_string($this->DBConnection, $Password));
$clientusername = trim($clientusername);
$clientpassword = trim($clientpassword);
if($clientusername != "" && $clientusername != "Username" && $clientpassword != "" && $clientpassword != "Password")
{
$sql = "SELECT * FROM Users WHERE UserName = '" . $clientusername . "' AND Password = '" . $clientpassword . "'";
$result = mysqli_query($this->DBConnection, $sql);
mysqli_close($this->DBConnection);
// Mysql_num_row is counting table row
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
if(!isset($_SESSION))
session_start();
$row = mysqli_fetch_array($result);
$_SESSION['ID'] = session_id();
$_SESSION['timeout'] = time();
session_write_close();
return("O seu login foi feito com sucesso.</br></br><a href='privatemenu.php'>Ir para o Menu</a>");
}
else return("Não foram encontrados utilizadores com os dados fornecidos.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
else return("Ocorreu um erro com a entrada dos seus dados.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
答案 0 :(得分:1)
Warning: mysql_real_escape_string(): Access denied for user 'apache'@'localhost' (using password: NO) in /home/httpd/vhosts/jaimevale.com/httpdocs/config/configurations.php on line 461
这些是造成问题的原因:
$clientusername = stripslashes(mysqli_real_escape_string($UserName));
$clientpassword = stripslashes(mysqli_real_escape_string($Password));
您尝试在未建立SQL连接的情况下使用mysql_real_escape_string。
在进行这些调用之前建立连接或使用mysql_real_escape_string的替代方法。
尝试在函数开头调用$this->ConnectToMySQL();。
修改:将mysql_real_escape_string更改为mysqli_real_escape_string