$TableName = "interns";
if ($errors == 0)
{
$SQLstring = "SELECT COUNT(*) FROM $TableName" . "WHERE email=$email";
$QueryResult = mysqli_query($DBConnect, $SQLstring);
if ($QueryResult)
{
$Row = mysqli_fetch_row($QueryResult);
if ($Row[0]>0)
{
echo "<p>The email address enterend (" . htmlentities($email) . ") is already registered.</p>\n";
++$errors;
}
}
}
我在这里做错了什么,一切对我来说都很好。我有点晚了,也许我需要一双新鲜的眼睛。任何帮助将不胜感激。
答案 0 :(得分:2)
你错过了一个空间&amp;引用,改变:
"SELECT COUNT(*) FROM $TableName" . "WHERE email=$email";
为:
"SELECT COUNT(*) FROM $TableName" . " WHERE email='$email'";
或更简单(不需要字符串连接):
"SELECT COUNT(*) FROM $TableName WHERE email='$email'";
<强>增加:
正如下面提到的j_mcnally,最好逃避$email以防止可能的SQL注入攻击