php没有从数据库获取用户信息

时间:2013-12-06 20:58:16

标签: php mysql

数据库信息正确且有效,我已多次测试过。数据库与我试图从中提取数据的表一起存在。我在数据库中有虚拟信息,这里是我的代码,用于检查数据库'network'中的用户,表'users':

<?php 
require 'core/init.php';

if (empty($_POST) === false){
    $username = $_POST['username'];
    $password = $_POST['password'];

    if (empty($username) === true || empty($password) === true) {
        $errors[] = 'You need to enter a username and password.';
    } else if (user_exists($username) === false) {
        $errors[] = 'Username does not exists. Have you registered?';
    } else if (user_active($username) === false) {
        $errors[] = 'Your account is not activated. Please check your email!';
    } else {

    }

    print_r($errors);
}
?>

以下是函数'user_exists($ username)'

的代码 
<?php


function user_exists($username) {
    $username = sanitize($username);
    return (mysql_result(mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE 'username' = '".$username."'"), 0) === 1) ? true : false;
}

function user_active($username) {
    $username = sanitize($username);
    return (mysql_result(mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE 'username' = '".$username."' AND 'active' = 1"), 0) === 1) ? true : false;
}
?>

清理功能:

<?php
function sanitize($data) {
    return mysqli_real_escape_string($data);
}
?>

这是我的问题:

当我使用虚拟信息登录时 - 用户名;密码(md5通过phpmyadmin散列)如果显示错误:

  

'用户名不存在。你注册了吗?'

我尝试过使用不同的数据库,不同的用户......没有任何作用..帮助!

3 个答案:

答案 0 :(得分:1)

对列和表名称使用反向刻度,而不是引号。

"SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '".$username."'")

return (mysql_result(mysql_query("SELECT COUNT('user_id') 
FROM 'users' WHERE 'username' = '".$username."'"), 0) === 1) ? true : false;
}

mysql_results返回一个单元格或false,因此永远不会达到条件===1

Docs

  

成功时从MySQL结果集返回一个单元格的内容,   或失败时为假。

return (mysql_result(mysql_query("SELECT COUNT('user_id') 
FROM 'users' WHERE 'username' = '".$username."'"), 0) == false) ? false: true;
}

此外,您正在mysql与[{1}}功能中使用mysqli_real_escape_string进行关联。不要混淆它们。

答案 1 :(得分:0)

function user_exists($username) {
    $username = sanitize($username);
    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '".$username."'"), 0) == 1) ? true : false;
}

function user_active($username) {
    $username = sanitize($username);
    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '".$username."' AND `active` = 1"), 0) == 1) ? true : false;
}

做了什么:

  1. 用'

    2. 替换''作为列名

  2. 使用==而不是===

答案 2 :(得分:0)

PDO:

function user_exists($username) {
    $db = new PDO('mysql:host=localhost;dbname=testdb;charset=utf8', 'username', 'password', array(PDO::ATTR_EMULATE_PREPARES => falsse, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
    $stmt = $db->query("SELECT `user_id` FROM `users` WHERE `username` = '".$username."'"));
    $row_count = $stmt->rowCount();
    if($row_count==="1"){return true;}else{return false;}
}
相关问题
最新问题