PHP根据输入回显数据库中的所有数据

时间:2018-03-28 04:27:54

标签: php arrays database

我想了解如何根据单个键从数据库输出数据,例如我的数据库列是:

kodeDosen(PrimaryKey的),namaDosen,电子邮件,telepon,密码

我的登录界面用户只能输入kodeDosen和密码,而我想显示其他数据的密码,这是我的注册php:

first_day_df1 = df1.index.min()

这是我的登录php:

<?php 
    include 'connectdb.php';

    $data = json_decode(file_get_contents('php://input'), true);

    $kodeDosen =$data["kodeDosen"];
    $namaDosen  = $data["namaDosen"];
    $email = $data["email"];
    $telepon = $data["telepon"];
    $password= $data["password"];

    $message = array("message"=>"Success");
    $failure = array("message"=>"Failure,kodeDosen already used");

    $sql = "INSERT INTO tbl_dosen (kodeDosen, namaDosen, email, telepon, password) VALUES ('$kodeDosen', '$namaDosen', '$email', '$telepon','$password')";



    if (mysqli_query($conn, $sql)) {
        echo json_encode($message);
    } else {
        echo json_encode($failure) ;
    }

?>

3 个答案:

答案 0 :(得分:2)

由于SQL注入,将变量直接插入SQL查询不是一个好主意。

我建议在两个查询中使用预准备语句。要使用预准备语句从db中提取结果,可以使用以下内容:

OOP风格:

$stmt = $db->prepare("SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen = ? and password = ?");
$stmt->bind_param('ss', $kodeDosen, $password);
$stmt->execute();

$result = $stmt->get_result();

while ($row = $result->fetch_assoc()) {
        //result is in row
        var_dump($row);
}

程序风格:

$stmt = mysqli_prepare($conn, "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen = ? and password = ?");
mysqli_stmt_bind_param($stmt, 'ss', $kodeDosen, $password);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);

while ($row = $result->fetch_assoc()) {
        //result is in row
        var_dump($row);
}

答案 1 :(得分:1)

您可以在login.php中更改sql SELECT语句

$sql = "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen ='$kodeDosen' and password = '$password'";
SELECT *中的

表示返回所有列。

答案 2 :(得分:0)

我认为你想要echo json_encode($row);而不是echo json_encode($message);

<强>尝试: 

<?php 
    include 'connectdb.php';

    $data = json_decode(file_get_contents('php://input'), true);

    $kodeDosen =$data["kodeDosen"];
    $password = $data["password"];

    $message = array("message"=>"Data found");
    $failure = array("mesage"=>"Data not found");

    if ($stmt = mysqli_prepare($conn, "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen =? and password = ?")) {

       /* bind parameters for markers */
       mysqli_stmt_bind_param($stmt, "ss", $kodeDosen,$password);

       /* execute query */
       mysqli_stmt_execute($stmt);

       /* store result */
       $result = mysqli_stmt_get_result($stmt);
       $row = mysqli_fetch_assoc( $result );

       if(mysqli_num_rows($result) > 0) {
          echo json_encode($row);
       }else {
          echo json_encode($failure);
       }

    }

?>
相关问题
最新问题