mysqli_num_rows()期望参数1为mysqli_result

时间:2014-05-04 08:12:35

标签: php mysqli

有人可以帮我找到解决此错误的方法:

$user_name = "root";
$pass_word = "7172648";
$database = "movies";
$server = "localhost";

$db_handle = @mysqli_connect($server, $user_name, $pass_word);
$db_found = mysqli_select_db($db_handle, $database);

if ($db_found) {



    $SQL = "SELECT * FROM user WHERE Username = $name AND Password = $pass";
    $result = mysqli_query($db_handle,$SQL);
    $num_rows = mysqli_num_rows($result);



    //====================================================
    //  CHECK TO SEE IF THE $result VARIABLE IS TRUE
    //====================================================

    if ($result) {
        if ($num_rows > 0) {
            session_start();
            $_SESSION['login'] = "$name";
            header ("Location: index.php");
        }
        else {
            session_start();
            $_SESSION['login'] = "";
            header ("Location: login.php");
        }   
    }
    else {
        $errorMessage = "Error logging on";
    }

    mysqli_close($db_handle);

}
else {
    $errorMessage = "Error logging on";
}

我不明白这里有什么问题,如果有人可以提供帮助,那么请尽量提问,如果你不明白,我会尽可能更清楚地解释。< / p>

1 个答案:

答案 0 :(得分:-2)

请在代码中找到coments。

$SQL = sprintf("SELECT * FROM user WHERE Username='%s' AND Password='%s'",
        mysqli_real_escape_string ($name),
        mysqli_real_escape_string ($pass));
//Please note! NEVER insert text received from client into an 
//SQL statement without screening it through mysql_real_escape_string

$result = mysqli_query($db_handle,$SQL);

//$num_rows = mysqli_num_rows($result); // NOT HERE!!! 
                                        // Because $result might be undefined
                                        // if query is not executed
//====================================================
//  CHECK TO SEE IF THE $result VARIABLE IS TRUE
//====================================================
if ($result) {
    $num_rows = mysqli_num_rows($result);  // HERE! If result definitely present
    if ($num_rows > 0) {
        session_start();
        $_SESSION['login'] = "$name";
        header ("Location: index.php");
    }
    else {
        session_start();
        $_SESSION['login'] = "";
        header ("Location: login.php");
    }   
}
else {
    $errorMessage = "Error logging on";
}