我在我的PHP脚本中收到的错误很少,因为我正在尝试更改一些" mysql"函数" msquli"
1-警告:mysqli_real_escape_string()预计正好有2个参数,第34行在C:\ wamp \ www \ xxx \ yyy \ login.php中给出
这是" login.php"
的代码<?php
ob_start();
session_start();
if (isset($_SESSION["puadmin"])) {
header("location: index.php");
exit();
}
?>
<?php
$success="";
$username="";
$password="";
$error1="";
$error2="";
$ip1="";
//getting ip
if( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] )) {
$ip1=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
if (isset($_POST['username'])){
$username = $_POST['username'];
$password = $_POST['password'];
//connect to the database here
require("../config.php");
$username = mysqli_real_escape_string($username);
$password = mysqli_real_escape_string($password);
$query = "SELECT aid, password
FROM pu_admin
WHERE username = '$username';";
$result = mysqli_query($query);
if(mysqli_num_rows($result) < 1) //no such user exists
{
// header('Location: login_form.php');
$error1 = " <div class='ui-state-error'>No such user exist</div><br>";
}
$userData = mysqli_fetch_array($result, MYSQL_ASSOC);
$hash = md5($password);
$aid = $userData['aid'];
if($hash != $userData['password']) //incorrect password
{
//header('Location: login.php');
$error2 = "<div class='ui-state-error'>Incorrect Password </div>";
}else{
session_regenerate_id (); //this is a security measure
$_SESSION['valid'] = 1;
$_SESSION['userid'] = $aid;
$_SESSION["puadmin"] = $username;
$_SESSION["pass"] = $pass1;
$success= "Login Successfull Redirecting Please wait";
header('location:index.php');
}
}
?>
<html>
<head>
<title>Login</title>
<?php include_once('templates/stylesheets.php') ?>
</head>
<body style="backgrround-color:#e6e6e6 !important;">
<div id="login_wrapper" style="margin-top:120px; margin-bottom:0px; overflow:hidden;">
<div class="well" style="text-align:center">
<h1><img src="../pu-admin/images/logo-light.png"></h1>
</div>
<?php
echo $error1;
echo $error2;
echo $success;
?>
<form class="form-signin" name="login" action="" method="post">
<div class="table-container">
<table class="table table-form">
<tbody>
<tr>
<td>
<label>Username</label>
</td>
<td>
<input name="username" placeholder="Username" type="text">
</td>
</tr>
<tr>
<td>
<label>Password</label>
</td>
<td>
<input placeholder="Password" name="password" type="password">
</td>
</tr>
</tbody>
</table>
</div>
<div class="actions">
<div class="button-well">
<button class="button button-primary fastbutton" data-icon="K" >Login</button>
</div>
</div>
</form>
</div>
&#34; config.php&#34;的2代码如下所示
<?php
$dbhost = 'localhost'; /*Hostname*/
$dbname = 'file'; /*database name*/
$dbuser = 'file'; /*user name */
$dbpass = '1234'; /*database password, */
/*Base url without trailing slash for example http://www.example.com */
$baseUrl = 'localhost/file';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
?>
就数据库查询而言,我是一个菜鸟,但他们正在尝试,我希望有人能帮助我
提前thanx
答案 0 :(得分:2)
您必须将连接传递给mysqli函数:
mysqli_real_escape_string($conn, $username);
mysqli_query($conn, $query);