当我尝试从php运行以下查询时,我得不到任何结果(即使有一个用户符合给定的信息。
SELECT * FROM `virtual_users` WHERE `email`='$u', `password` = ENCRYPT('".$p."', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16)))
在另一个脚本中,以下查询可以正常工作:
"UPDATE `virtual_users` SET `password`=ENCRYPT('".$sNewPassword."', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) WHERE `email`='". $oAccount->Email () ."'"
坐在那里难倒了一会儿之后,我试图在PHP管理员中使用explain来运行查询:
EXPLAIN SELECT * FROM `virtual_users` WHERE `email`='fakeuser@fake.fake' AND `password` = ENCRYPT('fakepass', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16)))
返回以下内容
+ + --- --- --- + + --- + + --- --- --- + + --- + + --- --- + | id | select_type |表|类型| possible_keys |关键| key_len | ref |行|额外的| + --- + --- + --- + --- + --- + --- + --- + --- + --- + --- + | 1 |简单| NULL | NULL | NULL | NULL | NULL | NULL | NULL |不可能在阅读const表后注意到了 + + --- --- --- + + --- + + --- --- --- + + --- + + --- --- +
表结构如下: Table Structure Image
任何帮助都会受到很大的影响。 签, 麦克
答案 0 :(得分:1)
WHERE不使用逗号。我相信您想要的语法是AND:
SELECT *
FROM `virtual_users`
WHERE `email` = '$u' AND `password` = ENCRYPT('".$p."', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16)))
答案 1 :(得分:0)
$q = "SELECT * FROM `virtual_users` WHERE `email`='$u'";
<snip>
$row = $r->fetch_assoc();
if(password_verify($_POST['pass'], $row['password'])){
<snip>