所以我将用户的排名保存为SQL数据库作为枚举器。然后我想尝试检查他们的等级并将其与字符串进行比较。如果排名等于字符串,那么我想允许他们访问。这是我到目前为止的代码(哪些不起作用):
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
$sql = "SELECT RANK FROM $table WHERE EMAIL = '$email' and PASSWORD = '$password'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
if($count == 1){
if($result == "OWNER") {
header("location: panel.php");
} else {
$message = "Permission denied.";
}
} else {
$message = "Incorrect email or password.";
}
答案 0 :(得分:1)
重要通知!
自PHP 5.5.0起,不推荐使用 mysql_*个函数。我们强烈建议使用MySQLi或PDO。
回答您的问题,您必须获取查询结果或使用mysql_result()
<强>查询
$sql = "SELECT RANK
FROM $table
WHERE EMAIL = '$email' and PASSWORD = '$password'
LIMIT 1";
$result = mysql_query($sql);
获取结果:
$rank = mysql_fetch_array($result);
$rank = $rank['RANK'];
或者改为使用mysql_result():
$rank = mysql_result($result);
答案 1 :(得分:0)
你需要mysql_fetch_assoc $ result var才能读取表格行。我也建议你使用mysqli函数。在这里,尝试这个而不是你的(没有mysqli,也没有自己测试):
$email = mysql_real_escape_string(stripslashes($email));
$password = mysql_real_escape_string(stripslashes($password));
$sql = "SELECT `RANK` FROM ".$table." WHERE `EMAIL` = '".$email."' and `PASSWORD` = '".$password."'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
$result = mysql_fetch_assoc($result);
if($count == 1){
if($result == "OWNER") {
header("location: panel.php");
} else {
$message = "Permission denied.";
}
} else {
$message = "Incorrect email or password.";
}