我一直在尝试从我的mysql服务器表字段中设置一个等于$ _SESSION [“mypermissions”]会话变量的值。无论我尝试什么,它都会出现空白或者值为0.我觉得这可能是一个愚蠢的问题而且有一个简单的解决方案,但似乎没有任何效果。到目前为止,这是我的代码,看看有问题的SQL查询的底部。
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="comproject"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
session_start();
$_SESSION["myusername"] = $myusername;
$sql = "SELECT permissions FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$_SESSION["mypermissions"] = mysql_query($sql);
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
答案 0 :(得分:1)
似乎您没有获取查询结果。你必须根据结果集会话变量获取结果,如下所示:
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="comproject"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' limit 1";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
session_start();
$_SESSION["myusername"] = $myusername;
$row = mysql_fetch_object( $result);//fetch object
$_SESSION["mypermissions"] = $row->permissions; // set permission to session
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
答案 1 :(得分:0)
$res = mysql_query($sql);
$row = mysql_fetch_object($res);
$_SESSION["mypermissions"] = $row->permissions;