这是我的login.php
<?
session_start();
if (isset($_POST['Login'])) {
include_once("connect.php");
$user_ok = false;
$usernamer=$_POST['Usernamer'];
$passaword=$_POST['passsword'];
$id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
function evalLoggedUser($link,$id,$usernamer,$passaword){
$sql = "SELECT ip FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
$query = mysqli_query($link, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
return true;
}
}
$user_ok = evalLoggedUser($link,$usernamer,$passaword,$id);
if(isset($_POST['Login'])){
if($user_ok == true){
header("location: user.php?u=".$_POST["Usernamer"]);
}else{
echo "username was not found";
}
}
}
?>
它给出了像
这样的错误mysqli_num_rows()期望参数1为mysqli_result,给定为null
即使我输入正确的用户名,它也会回复username was not found
答案 0 :(得分:0)
我认为应该是
if($numrows < 0){
return true;
}
您的查询应该是:
$id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
//change $Usernamer to $usernamer
答案 1 :(得分:0)
呀!参数一必须是结果集。这意味着你必须传递$ query而不是你的SQL查询
答案 2 :(得分:0)
使用合适的评论对原文进行了一些更改
<?php
session_start();
if ( isset( $_POST['Login'] ) ) {
include_once("connect.php");
$user_ok = false;
$usernamer=$_POST['Usernamer'];
$passaword=$_POST['passsword'];
/* to debug */
echo "POSTED username:".$usernamer." POSTED password: ".$passaword;
/*
this gets passed as a parameter to the function but never used...
$id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1";
*/
function evalLoggedUser( $conx, $u, $p ){
/* To use the variables above ( $usernamer & $passaword ) you would need to declare them as global within the function */
/* I assumed, perhaps wrongly, that this ought to have been id rather than ip */
$sql = "SELECT `id` FROM `websiteusers` WHERE `userName`='$u' AND `pass`='$p' LIMIT 1";
/* to debug */
exit( "PARAM Username:".$u ."<br />PARAM Password:". $p ."<br />sql:" .$sql );
$query = mysqli_query( $link, $sql );
$numrows = mysqli_num_rows( $query );
/* previously the function only returned a value if there was a recordset */
return ( $numrows > 0 ) ? true : false;
}
/*
The sequence of parameters was incorrect
*/
$user_ok = evalLoggedUser( $link, $usernamer, $passaword );
if( isset( $_POST['Login'] ) ){
if( $user_ok === true ){
header("location: user.php?u=".$usernamer );
}else{
echo "username was not found";
}
}
}
?>