mysqli_query()& mysqli_real_escape_string()期望参数1为mysqli,给定

时间:2016-12-17 23:22:18

标签: php mysql mysqli

我写了一个登录程序,但是我坚持这个错误并且无法找到解决方案来解决它。

错误:警告:mysqli_real_escape_string()期望参数1为mysqli,null与mysqli_query()相同。我已经知道$ connection是问题,因为其他帖子+错误要求msqli对象。

我有一个文件,您可以在其中调用函数来打开或关闭includes / controller / dbcontroller.php中的数据库连接。其中包含以下代码。

<?php

function openDBConnection(){
    //1. create database connection
    define("DB_SERVER","localhost");
    define("DB_USER","root");
    define("DB_PASS","");
    define("DB_NAME","IppaSpil");

    $connection = mysqli_connect(DB_SERVER, DB_USER, DB_PASS, DB_NAME);

    // test if connection occured

    if(mysqli_connect_errno()){
        echo "err: ".$connection;
        die("Database connection failed: ".
            mysqli_connect_error().
            "(" . mysqli_connect_errno . ")"
            );
    }
}   

function closeConnection(){ 
    //close database connection
    mysqli_close($connection);
}   
?>

然后我有一个文件logincontroller来处理登录请求。此文件也位于includes / controller / LoginController.php中。这包含以下代码。

<?php require_once("../session.php");?>
<?php require_once("DatabaseController.php");?>
<?php require_once("../functions.php");?>
<?php require_once("../validation_functions.php");?>
<?php 
    openDBConnection();
    if (isset($_POST['login'])) {       
        $username = $_POST["username"];
        $password = $_POST["password"];     

        //validations
        $required_fields = array("username", "password");       
        validate_presences($required_fields);   

        if (empty($errors)){            
            $found_user = attempt_login($username, $password);

            if ($found_user) {
                // Succesa              
                redirect_to("profile_page.php");    
            } else {
                //Failure       
                $_SESSION["failedlogin"] = "Username or password is wrong.";
                echo"wrong pass";
                closeConnection();
                //redirect_to("login_page.php");
            }               
        } else{
            echo $errors;
            $_SESSION["errors"] = $errors;
            closeConnection();
            //redirect_to("login_page.php");                
        }
    }else{  
        //prob get request
        closeConnection();
        redirect_to("login_page.php");
    }
?>

此过程的最后一个文件是函数文件。这个文件包含各种功能。但其中2个对我的手术很重要。 该文件位于includes / functions.php中。这是代码。我在这个文件中得到2个错误。它给出错误的行标有||。

    function attempt_login($username, $password) {
    $admin = find_user_by_username($username);
    if ($admin) {
        // found admin, now check password

        if (password_check($password, $admin["password"])) {

            // password matches
            return $admin;
        } else {
            // password does not match

            return false;
        }
    } else {
        // admin not found
        return false;
    }
}

function find_user_by_username($username) {
global $connection;

$safe_username = mysqli_real_escape_string($connection, $username); ||

$query  = "SELECT * ";
$query .= "FROM user ";
$query .= "WHERE username = '{$username}' ";
$query .= "LIMIT 1;";

$user_query = mysqli_query($connection, $query); ||

confirm_query($user_query);
if($user = mysqli_fetch_assoc($user_query)) {       

    return $user;           
} else {

    return null;
}
}

我怀疑全局$连接变量无法访问,但我不知道为什么......

提前谢谢!

1 个答案:

答案 0 :(得分:1)

问题是$connection是在函数openDBconnection()的范围内定义的。

即使您尝试使用

访问它
global $connection

这不起作用。

一点测试:

<?php

function test() {
    $a = "test";
    return $a;
}

test(); // run it, but don't take the return
//$a = test();

function test2() {
   global $a;
   echo $a;   // doesn't show anything - $a is NULL
}

test2();

?>

如果我取消注释//$a = test();,我会得到一个结果,因为现在$ a在全球范围内。

因此,您可以在函数$connection的末尾返回openDBconnection(),然后将其分配给脚本中的全局:

 // end of openDBconnection
return $connection;

// where you establish connection in your script:
$connection = openDBconnection();

但是使用全局变量并不是一个好习惯。将该连接传递给您的函数会更好:

function attempt_login($username, $password, $connection) {
    $admin = find_user_by_username($username, $connection);
    ....
}

function find_user_by_username($username, $connection) {
    ....
}