我正在尝试使用我的登录系统设置的会话来获取数据库中有关未填写表单的用户的信息。
我现在正在使用的代码:
<?php
$con=mysqli_connect("127.0.0.1","user","pass","db");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM playerdata WHERE Unique_ID = '$uid'");
while($row = mysqli_fetch_array($result)) {
$row['Unique_ID'];
$row['AC'];
?>
<b><?php echo $row['AC']; ?></b> </div>
<?php
}
mysqli_close($con);
?>
<p> </p>
Welcome to the armour coins shop! Here you can spend your hard earned coins on some shiny armour and weapons. You gain coins by leveling up in-game. You can do this by preforming laberous activities. <a href="?explain=leveling">Click here for more information about leveling</a>
<p> </p>
<form action="buy.php" method="POST" class="form-inline" style="display:inline-block;">
<input type="hidden" name="uid" value="<?php echo $_POST['uid']; ?>">
<input type="hidden" name="username" value="<?php echo $_POST['username']; ?>">
<input type="hidden" name="item" value="127">
<input type="submit" value="Buy Brynie">
<?php
}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$uid = mysql_real_escape_string($_POST['uid']);
$checklogin = mysql_query("SELECT * FROM account WHERE Username = '".$username."' AND Password = '".$password."' AND Unique_ID = '".$uid."'");
if(mysql_num_rows($checklogin) == 1)
{
$row = mysql_fetch_array($checklogin);
$email = $row['EmailAddress'];
$_SESSION['Username'] = $username;
$_SESSION['Uid'] = $uid;
$_SESSION['EmailAddress'] = $email;
$_SESSION['LoggedIn'] = 1;
?>
如您所见,我正在使用会话,但我想根据用户在数据库中获取信息。
这不起作用:
$uid = ($_SESSION['Uid']) ?>
$result = mysqli_query($con,"SELECT * FROM playerdata WHERE Unique_ID = '$uid'");
答案 0 :(得分:0)
我在代码中看不到session_start(),你需要在使用session之前添加session_start() http://www.php.net/manual/en/function.session-start.php