我无法登录系统

时间:2015-09-06 09:34:50

标签: php sql

这是我的login.php 

   <?
    session_start();
    if (isset($_POST['Login'])) {
    include_once("connect.php");
    $user_ok = false;
    $usernamer=$_POST['Usernamer'];
    $passaword=$_POST['passsword'];
    $id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
    function evalLoggedUser($link,$id,$usernamer,$passaword){
        $sql = "SELECT ip FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
        $query = mysqli_query($link, $sql);
        $numrows = mysqli_num_rows($query);
        if($numrows > 0){
            return true;
        }
    }
        $user_ok = evalLoggedUser($link,$usernamer,$passaword,$id);
        if(isset($_POST['Login'])){
        if($user_ok == true){
        header("location: user.php?u=".$_POST["Usernamer"]);
        }else{
         echo "username was not found";
        }
        }
    }
    ?>

它给出了像

这样的错误
  

mysqli_num_rows()期望参数1为mysqli_result,给定为null

即使我输入正确的用户名,它也会回复username was not found

3 个答案:

答案 0 :(得分:0)

我认为应该是

   if($numrows < 0){
     return true;
   }

您的查询应该是:

$id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
//change $Usernamer to $usernamer

答案 1 :(得分:0)

呀!参数一必须是结果集。这意味着你必须传递$ query而不是你的SQL查询

答案 2 :(得分:0)

使用合适的评论对原文进行了一些更改

<?php
    session_start();
    if ( isset( $_POST['Login'] ) ) {

        include_once("connect.php");
        $user_ok = false;

        $usernamer=$_POST['Usernamer'];
        $passaword=$_POST['passsword'];
        /* to debug */
        echo "POSTED username:".$usernamer." POSTED password: ".$passaword;

        /*
            this gets passed as a parameter to the function but never used...
            $id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
        */
        function evalLoggedUser( $conx, $u, $p ){
            /* To use the variables above ( $usernamer & $passaword ) you would need to declare them as global within the function */
            /* I assumed, perhaps wrongly, that this ought to have been id rather than ip */

            $sql = "SELECT `id` FROM `websiteusers` WHERE `userName`='$u' AND `pass`='$p' LIMIT 1";

           /* to debug */
           exit( "PARAM Username:".$u ."<br />PARAM Password:". $p ."<br />sql:" .$sql );

            $query = mysqli_query( $link, $sql );
            $numrows = mysqli_num_rows( $query );

            /* previously the function only returned a value if there was a recordset */
            return ( $numrows > 0 ) ? true : false;
        }


        /*
            The sequence of parameters was incorrect 
        */
        $user_ok = evalLoggedUser( $link, $usernamer, $passaword );

        if( isset( $_POST['Login'] ) ){
            if( $user_ok === true ){
                header("location: user.php?u=".$usernamer );
            }else{
                echo "username was not found";
            }
        }
    }
?>
相关问题
最新问题