$ query row not working codeigniter

时间:2014-06-14 10:22:07

标签: php mysql codeigniter

我正在为我的库文件进行用户登录。但我的user_query->行无法正常工作,不确定如何修复它一直在阅读用户指南。

$this->user_id = $user_query->row('user_id');
$this->username = $user_query->row('username');
$this->CI->session->userdata('user_id') = $user_query->row('user_id');

致命错误:在第69行的C:\ xampp \ htdocs \ codeigniter-cms \ system \ libraries \ Users.php中的写入上下文中不能使用方法返回值

致命错误:在第65行的C:\ xampp \ htdocs \ codeigniter-cms \ system \ libraries \ Users.php中的写入上下文中不能使用方法返回值

public function login() {
$user_query = $this->CI->db->query("SELECT * FROM " . $this->CI->db->dbprefix . "user WHERE username = '" . $this->CI->db->escape($username) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->CI->db->escape($password) . "'))))) OR password = '" . $this->CI->db->escape(md5($password)) . "') AND status = '1'");

if ($user_query->num_rows() == 1) {

$data = array(
'user_id' => $this->user_id,
'username' => $this->username
);

$this->CI->session->set_userdata($data);

$this->user_id = $user_query->row('user_id');
$this->username = $user_query->row('username');

line 65 
$this->CI->session->userdata('user_id') = $user_query->row('user_id');      

// Line 69
$user_group_query = $this->CI->db->query("SELECT permission FROM " . $this->CI->db->dbprefix . "user_group WHERE user_group_id = '" . (int)$user_query->row('user_group_id') . "'");

$permissions = unserialize($user_group_query->row('permission'));

if (is_array($permissions)) {
foreach ($permissions as $key => $value) {
$this->permission[$key] = $value;
}
}

} else {

return false;

}

}

新错误我从此处显示的密码已删除

Error Number: 1064

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'admin'' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1(''*****''))))) O' at line 1

SELECT * FROM oc_user WHERE username = ''admin'' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1(''******''))))) OR password = ''***************'') AND status = '1'

Filename: C:\xampp\htdocs\codeigniter-cms\system\database\DB_driver.php

Line Number: 330

1 个答案:

答案 0 :(得分:1)

你想用这条线做什么:

$this->CI->session->userdata('user_id') = $user_query->row('user_id');

您是否尝试设置会话?在这种情况下,您需要使用set_userdata()

$this->CI->session->set_userdata('user_id', $user_query_>row('user_id');      

另外,我从未见过像你这样使用row()。我去了[manua] [1] l,看到了这个:

  

如果要返回特定行,可以将行号提交为   第一个参数中的数字。

没有提及使用字符串作为字段名称。也许你的意思是:

$row = $user_query->row();
echo $row->user_id;

我相信它可以被链接,所以$user_query->row()->user_id应该有用。

评论后编辑

使用参数化查询,它会更好并避免那些令人讨厌的逃避问题:

$user_query = $this->CI->db->query("SELECT * FROM " . $this->CI->db->dbprefix . "
user WHERE username = ? 
 AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1(?))))) OR password = ?) 
 AND status = ?", array($username, $password, md5($password), 1));