警告:mysql_result()期望参数1是资源,布尔值在第10行的C:\ wamp \ www \ Bitev3 \ core \ functions \ users.php中给出

时间:2014-01-22 05:12:20

标签: php html mysql forms boolean

嘿大家我正在为我的网站创建一个登录页面。但是当我尝试登录到网站时,我收到以下错误警告:mysql_result()期望参数1是资源,布尔值在第10行的C:\ wamp \ www \ Bitev3 \ core \ functions \ users.php中给出。

非常感谢任何帮助。

Html文件

<?php
    include 'core/init.php';
    ?>


<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Index</title>

</head>
<body>
<div>
</div>
<div>

<form action='login.php' name="login" id ="login" method = "POST">
<table width=>
  <tr>
    <td><label for="Email"></label>
      Email:
      <input type="text" name="email" id="Email">
     </td>
    <td><label for="Password"></label>
      Password:

      <input type="password" name="password" id="Password">
      </td>
    <td><input type="submit" name="Login" id="Login" value="Login"></td>
  </tr>
</table>
<a href="UserRegistration.php">not registered sign up</a>
</form>
</div>

</body>
</html>

初始文件

<?php
session_start();
//error_reporting(0);
require '/database/connect.php';
require '/functions/general.php';
require '/functions/users.php';
$errors = array();
?>

用户文件

<?php
function logged_in() {
    return(isset($_SESSION['UserID'])) ? true : false; 

}

function user_exists ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT ('UserID') FROM 'users' WHERE 'Email' = '$email'");
    return (mysql_result($query, 0) == 1) ? true : false;

}

function user_active ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT ('UserID') FROM 'users' WHERE 'Email' = '$email' AND 'activated' = 1");
    return (mysql_result($query, 0) == 1) ? true : false;

}
function user_id_from_email($email){
    $email =sanitize ($email);
    return mysql_result(mysql_query("SELECT 'UserID' FROM 'users WHERE 'Email' = '$email'"), 0, 'UserID');
}
function login ($email, $password){
 $UserID = UserID_from_username($email);
 $email = sanitize ($email);
 $password = md5 ($password);

 return(mysql_result(mysql_query ("SELECT COUNT ('UserID' FROM 'users' WHERE 'Email' = '$email' AND 'Password' = '$password'"), 0) == 1) ? $UserID : false;
};
?>

一般文件

<?php
function sanitize($data) {
    return mysql_real_escape_string($data);

}


?>

连接文件

<?php
$connect_error = 'Sorry, we\'re experiencing connection problems.';
mysql_connect('localhost','root','pass123') or die ($connect_error);
mysql_select_db('bitev2') or die ($connect_error);
?>

登录文件

<?php
include 'core/init.php';



if (empty ($_POST) === false) {
    $email = $_POST ['email'];
    $password = $_POST['password'];

    if (empty($email) === true || empty ($password) === true) {
        $errors[] ='you need to enter a email and password';
    } else if (user_exists($email)=== false) { 
        $errors[] ='We cant find that email';
    } else if (user_active($email) === false) {
        $errors[] ='you havent activated your account';
    } else {
        $login = login ($email, $password);
        if ($login === false){
            $errors[] ='That email password combination is incorrect';
        }else{
            $_SESSION['UserID'] =$login;
            header ('Location: index.php');
            exit();
        }
    }
    print_r($errors);
}
?>

4 个答案:

答案 0 :(得分:2)

使用bacticks`&amp;不是表名或列名的单引号。

SELECT COUNT(`UserID`) FROM `users` WHERE `Email` = '$email'"

注意: Please, don't use mysql_* functions in new code。它们不再被维护and are officially deprecated。请参阅red box?转而了解prepared statements,并使用PDOMySQLi - this article将帮助您确定哪个。如果您选择PDO here is a good tutorial

答案 1 :(得分:0)

错误表明您运行的查询失败,值为FALSE(布尔值)。

此代码:return mysql_result(mysql_query("SELECT 'UserID' FROM 'users WHERE 'Email' = '$email'"), 0, 'UserID');

“用户”周围有一条缺少的引号会引发异常。您可以从UserID,用户和电子邮件中删除引号。确保案例也是正确的,以便电子邮件字段实际上不是电子邮件等等。

您还应该使用 mysqli _ 命令集,而不是弃用的 mysql _

答案 2 :(得分:0)

你的MySQL查询语法错误......

使用反引号.. 

<?php
function logged_in() {
    return(isset($_SESSION['UserID'])) ? true : false; 

}

function user_exists ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT (`UserID`) FROM `users` WHERE `Email` = '$email'");
    return (mysql_result($query, 0) == 1) ? true : false;

}

function user_active ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT (`UserID`) FROM `users` WHERE `Email` = '$email' AND 'activated' = 1");
    return (mysql_result($query, 0) == 1) ? true : false;

}
function user_id_from_email($email){
    $email =sanitize ($email);
    return mysql_result(mysql_query("SELECT `UserID` FROM `users` WHERE `Email` = '$email'"), 0, 'UserID');
}
function login ($email, $password){
 $UserID = UserID_from_username($email);
 $email = sanitize ($email);
 $password = md5 ($password);

 return(mysql_result(mysql_query ("SELECT COUNT (`UserID` FROM `users` WHERE `Email` = '$email' AND `Password` = '$password'"), 0) == 1) ? $UserID : false;
};
?>

答案 3 :(得分:0)

不要在表列名和表名中使用任何引用(' or ")。你可以使用反引号(`)或什么都不使用。

如果使用quaternion,那么mysql将此名称视为字符串而不是列名。

您需要从表名和列名中删除引号。

(例如)像这样:

mysql_query ("SELECT COUNT (UserID) FROM users WHERE Email = '$email'");
相关问题
最新问题