警告:mysql_query():提供的参数不是有效的MySQL-Link 资源在/home/a6720525/public_html/functions/sandbox.php上 25
警告:mysql_num_rows():提供的参数不是有效的MySQL /home/a6720525/public_html/functions/sandbox.php中的结果资源 第27行
登录表单
<form class="admin_login" id="form1" name="form1" method="post" action="index.php">
<input class="username" name="username" type="text" id="username" size"40" placeholder="Adress email"/>
<input class="userpass" name="password" type="password" id="password" size"40" placeholder="Mot de pass"/>
<input class="addbutton" type="submit" name="button" value="connexion"/>
<input class="addbutton" type="submit" name="insc" value="Inscription"/>
<input class="addbutton" type="submit" name="mpo" value="Mot de pass oublier?"/>
</form>
我使用的功能
function members ($dbc, $qu) {
if(isset($_POST["username"])&& isset($_POST["password"])){
$manager = preg_replace('#[^A-Za-z0-9\@\-\_\|\,\.\\p{L}\\\\]#i', '', $_POST["username"]);//filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]);// filter everything but numbers and letters
// Connect to the Mysql database
$qu = "SELECT id FROM users WHERE username='$manager' AND password='$password' LIMIT 1";
$re = mysql_query($dbc, $qu);
//........make sure person exists in data base
$existCount = mysql_num_rows($re);// count the row nums
if($existCount == 1){//evaluate the count
while($row = mysql_fetch_array($re )){
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location:index.php");
exit();
}else{
echo 'That information is incorrect,try again <a href="index.php">Click Here</a>';
exit();
}
}
}
答案 0 :(得分:0)
session_start();
if(isset($_POST["username"])&& isset($_POST["password"])){
$manager = preg_replace('#[^A-Za-z0-9\@\-\_\|\,\.\\p{L}\\\\]#i', '', $_POST["username"]);//filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]);// filter everything but numbers and letters
// Connect to the Mysql database
$q = "SELECT * FROM users WHERE username='$manager' AND password='$password' LIMIT 1";
$r = mysqli_query($dbc, $q);
$userCount = mysqli_num_rows($r);
if($userCount == 1 ) {
while ($user = mysqli_fetch_assoc($r)) {
$id = $user['id'];
$pass = $user['password'];
$us = $user['username'];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $us;
$_SESSION["password"] = $pass;
header("location:index.php?page=business");
exit();
}else { echo 'That information is incorrect,try again <a href="index.php">Click Here</a>';
}
}