PHP / MySQL检查登录详细信息

时间:2011-03-12 22:06:41

标签: php mysql html database forms

我有以下代码,应该在提交表单时检查登录详细信息:

<html><body>
<?php
$con = mysql_connect("localhost","will","blahblah");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
  mysql_select_db("blahblah", $con);
$password = $_POST['password'];
$username = $_POST['username'];
$query2=mysql_query("SELECT * FROM users  WHERE  pass =md5('$password') AND user = $username)or die(mysql_error());
if(mysql_num_rows($query2)==1) {
$sql="INSERT INTO links (link, notes, username)
VALUES
('". mysql_escape_string($_POST['link']) ."','". mysql_escape_string($_POST['notes']) ."','". mysql_escape_string($_POST['username']) ."')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 link added";

mysql_close($con)
}
else {
echo "Username or password was not correct, please try again";
}
?>
</body></html>

但我收到的错误是:

  

解析错误:语法错误,意外   T_STRING in   /data/www/vhosts/themacsplash.com/httpdocs/ClipBoy/processpopup.php   第13行

第13行是这一行:$sql="INSERT INTO links (link, notes, username)

表单代码为:

<div id="stylized" class="myform">
<form id="form" name="form" method="post" action="processpopup.php">
<label>Username
<span class="small">Enter Your Username</span>
</label>
<input type="text" name="username" id="username" />
<label>Password
<span class="small">Enter Your Password</span>
</label>
<input type="text" name="password" id="password" />

<label>Link
<span class="small">Paste Your Link</span>
</label>
<input type="text" name="link" id="link" />

<label>Notes
<span class="small">Add Some Notes</span>
</label>
<input type="text" name="notes" id="notes" />

<button type="submit"></button>
<div class="spacer"></div>

</form>
</div>

老实说,我不知道发生了什么。谢谢!

3 个答案:

答案 0 :(得分:3)

您缺少

的结尾引用 
$query2=mysql_query("SELECT * FROM users  WHERE  pass =md5('$password') AND user = $username)or die(mysql_error());

应该是

$query2=mysql_query("SELECT * FROM users  WHERE  pass =md5('$password') AND user = $username")or die(mysql_error());

答案 1 :(得分:0)

在上面看几行:

$ QUERY2 =请求mysql_query(“

没有结局“

答案 2 :(得分:0)

<html><body>
<?php
$con = mysql_connect("localhost","will","blahblah");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
  mysql_select_db("blahblah", $con);
$password = $_POST['password'];
$username = $_POST['username'];
$query2=mysql_query("SELECT * FROM users  WHERE  pass = '".md5('$password')."' AND user = '".mysql_real_escape_string($username)."'") or die (mysql_error());
if(mysql_num_rows($query2)==1) {
$sql="INSERT INTO links (link, notes, username)
VALUES
('". mysql_real_escape_string($_POST['link']) ."','". mysql_real_escape_string($_POST['notes']) ."','". mysql_real_escape_string($_POST['username']) ."')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 link added";

mysql_close($con)
}
else {
echo "Username or password was not correct, please try again";
}
?>
</body></html>

你忘了关闭第11行的字符串,所以它出了问题

-edit-在md5字符串

周围添加单引号

-edit2-每条评论,没有检查,看到你到处都没有正确的单引号。修复并正确清理所有数据

相关问题
最新问题