MySqli查询在执行时返回PHP错误500

时间:2016-02-22 13:57:12

标签: php mysql mysqli

我正在使用PHP和MySql DB编写一个简单的登录表单。 我有这个登录表单,工作正常:

<form action="login.php" method="post" enctype="multipart/form-data" name="frmAddEntry" id="frmAddEntry">
  <table width="100%" border="0" align="center" cellpadding="5" cellspacing="1" class="entryTable">
  <tr><td colspan="2" id="entryTableHeader">Login to C-Cur</td></tr>
  <tr> 
   <td width="150" class="label">User ID</td>
   <td class="content"> <input name="txtUID" type="text" class="box" id="txtUID" size="50" maxlength="100"></td>
  </tr>
  <tr> 
   <td width="150" class="label">Password</td>
   <td class="content"> <input name="txtPwd" type="password" class="box" id="txtPwd" size="50" maxlength="100"></td>
  </tr>
 </table>
 <p align="center"> 
  <input name="btnAddEntry" type="submit" id="btnAddEntry" value="Login" class="box">
  &nbsp;&nbsp;<input name="btnCancel" type="button" id="btnCancel" value="Cancel" onClick="window.location.href='index.php';" class="box">  
 </p>
</form>

如您所见,该信息随后由login.php文件处理,该文件显示为:

<?php

include('../library/functions.php');
dbConnect();

    $pass1   = mysqli_real_escape_string($conn,$_POST['txtPwd']);
    $userid  = mysqli_real_escape_string($conn,$_POST['txtUID']);


$sql = "SELECT *
    FROM ccureaccounts
    WHERE userid = '$userid'"; 


if ($result = $conn->query($sql)) {
while($row = $result->fetch_assoc()){
if (password_verify($pass1, $row['password'])) {
    echo "User ID: ".$row['userid'] . '<br />';
    echo "Balance: ".$row['balance'] . ' $ <br />';
}else { echo "Wrong user ID or Password";}
}

    $result->close();

   }


dbConnect(false);



?>

这使用文件functions.php中的dbConnect函数,该函数读取:

function dbConnect($close=true){
    global $conn;

    if (!$close) {
        mysqli_close($conn);
        return true;
    }
    $conn = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
    if (!$conn) {
         die("Connection failed: " . mysqli_connect_error());
    }
}

我现在想将index.php(具有登录表单的那个)从前一个切换到下一个,以便不再使用文件login.php,而是使用函数来执行登录代替。 所以新的index.php读取:

<?php
require_once '../library/functions.php';


$errorMessage = '&nbsp;';

if (isset($_POST['txtUserName'])) {
    $result = doLogin();

    if ($result != '') {
        $errorMessage = $result;
    }
}

?>
<html>
<head>
<title>C-Cure Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body class="schema">
<div id="container">
  <div id="header"><!-- end #header --></div>
  <div class="arrotcen">
    <h1 align="center" class="Stile1">C-CURE LOGIN</h1>
   <div class="errorMessage" align="center"><?php echo $errorMessage; ?></div>
    <p align="center">&nbsp;</p>
     <form method="post" name="frmLogin" id="frmLogin">
      <table width="271" height="77" border="0" align="center" cellpadding="0" cellspacing="1">
        <tr>
          <td colspan="2" bgcolor="#000000"><div align="center" class="Stile1"></div></td>
        </tr>
        <tr>
          <td >User ID</td>
          <td ><label>
            <input type="text" name="txtUserName" id="txtUserName" />
          </label></td>
        </tr>
        <tr>
          <td> Password</td>
          <td><label>
            <input type="password" name="txtPassword" id="txtPassword" />
          </label></td>
        </tr>
        <tr>
          <td colspan="2" bgcolor="#333333"><label> </label>
              <div align="center">
                <input type="submit" name="button" id="button" value="Login" />
            </div></td>
        </tr>
      </table>
      <input name="action" type="hidden" id="action" value="login" />
    </form>
    <p align="center" class="Stile1">&nbsp;</p>
    <p align="center" class="Stile41"></p>
    <p>
      <!-- end #mainContent --> 
    </p>
    </div>
<!-- end #container --></div>
</body>

</html>

在functions.php文件中,我创建了doLogin()函数,该函数如下:

function doLogin()
{
    // if we found an error save the error message in this variable
    $errorMessage = '';
    dbConnect();



    $password  = mysqli_real_escape_string($conn,$_POST['txtPassword']); 
    $userName = mysqli_real_escape_string($conn,$_POST['txtUserName']);



    $sql = "SELECT *
    FROM ccureaccounts
    WHERE userid = '$userName'"; 



    if ($result = $conn->query($sql)) { 
    $errorMessage = '4';

    while($row = $result->fetch_assoc()){
    if (password_verify($password, $row['password'])) {
      header('Location: '.DOMAIN);
      exit;

    //echo "User ID: ".$row['userid'] . '<br />';
    //echo "Balance: ".$row['balance'] . ' $ <br />';

    }else { $errorMessage = "Wrong user ID or Password";}
    }

      $result->close();


    } 

    return $errorMessage;
    dbConnect(false);

}

这就是问题所在。当此代码运行时,在提交用户名和密码后,页面将返回PHP错误500,而无需使用许多详细信息。 我试图对变量$ userName进行回声,奇怪的是,当变量设置为:

时,它不会返回任何值 
$userName = mysqli_real_escape_string($conn,$_POST['txtUserName']);

如果我将其更改为:

$userName = $_POST['txtUserName'];

而echo返回值。此更改仍然不会使其余代码工作。 任何人都有任何关于出了什么问题的线索?我怀疑这是MySqli查询的一个问题,但是任何其他见解都可以修复这个新代码。

1 个答案:

答案 0 :(得分:0)

修复了函数doLogin()

中包含全局$ conn的问题
相关问题
最新问题