我在第14行的标题上收到错误。我是非常新的php,我登录并且此代码在登录索引页面时抛出错误。我能登录(不太确定如何)。
<?php
include 'functions.php';
include_once("config.php");
session_start();
if(!isset($_SESSION["email"])){
header("location: login.php");
exit();
}
$id = preg_replace('#[^0-9]#i', '',$_SESSION["id"]);
$email = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["email"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]);
include "db_connect.php";
$sql=mysql_query("SELECT * FROM 'members' WHERE id - ? LIMIT 1"); // query the person
$existCount=mysql_num_rows($sql); // count the nums
if ($existCount==1){//evaluate the count
echo "Your login session data is not on record in the database";
exit();
}
?>
答案 0 :(得分:0)
您的SQL语句不完整:
而不是
$sql=mysql_query("SELECT * FROM 'members' WHERE id - ? LIMIT 1"); // query the person
使用此
$sql=mysql_query("SELECT * FROM members WHERE id ="."'".$id."'"." and password ="."'".$password."' LIMIT 1"); // query the person
假设您按原样使用密码(这不是一个好主意)。您应该在将其存储到数据库之前对其进行编码。
答案 1 :(得分:-1)
只需更正您的查询语句:
<?php
$sql = "SELECT * FROM `members` WHERE id = '{$id}' LIMIT 1";
// `members` can also be simply members only but don't use quotes like ('', or "")
?>
查询此声明,您将解决问题 有点建议mysql_ *已被正式弃用,因此请使用 mysqli 或 PDO 。