Question

我正在尝试创建一个登录页面。连接成功但查询未获取所需结果。登录页面通过post方法将数据发送到action_page.php。

Action_page.php

<?php
$servername = "localhost:3306";
$username = "root";
$password = "";
$dbname = "MyDB";

$con = mysqli_connect($servername, $username, $password, $dbname);

// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

$uname = $_POST['uname'];
$pass = $_POST['psw'];
$sql = "SELECT * FROM Users WHERE uname=".$uname." AND pass=".$pass;
echo "<br/>$sql<br/>";

//$result = $con->query($sql);

echo var_dump($con->query($sql));

$con->close();

＆GT;

有人可以帮忙。！

Answer 1

You can use single quote for the inserted variable inside double quote :)

$sql = "SELECT * FROM Users WHERE uname='$uname' AND pass='$pass'";

Answer 2

从

更新

$sql = "SELECT * FROM Users WHERE uname=".$uname." AND pass=".$pass;

到

$sql = "SELECT * FROM Users WHERE uname='".$uname."' AND pass='".$pass."'";

Answer 3

建议使用mysqli或PDO_MySQL扩展。它不建议使用旧的mysql扩展进行新开发，因为它在PHP 5.5.0中已被弃用，并在PHP 7中被删除。

示例您的代码与三个MySQL API比较

<?php
// mysqli
$mysqli = new mysqli("example.com", "user", "password", "database");
$result = $mysqli->query("SELECT * FROM Users WHERE uname='".$uname."' AND pass='".$pass."'");
$row = $result->fetch_assoc();
echo htmlentities($row['uname']);

// PDO
$pdo = new PDO('mysql:host=example.com;dbname=database', 'user', 'password');
$statement = $pdo->query("SELECT * FROM Users WHERE uname='".$uname."' AND pass='".$pass."'");
$row = $statement->fetch(PDO::FETCH_ASSOC);
echo htmlentities($row['uname']);

// mysql
$c = mysql_connect("example.com", "user", "password");
mysql_select_db("database");
$result = mysql_query("SELECT * FROM Users WHERE uname='".$uname."' AND pass='".$pass."'");
$row = mysql_fetch_assoc($result);
echo htmlentities($row['uname']);
?>

check link

已建立MySQL连接但查询失败

3 个答案: