我已经制作了非常早的登录脚本,并希望检查行数以检查是否有更多具有该用户名和密码的管理员,或者在我获得该用户名和密码时实际检查该用户是否存在
致命错误:未捕获错误:在{path}堆栈跟踪中调用未定义方法mysqli_result :: num_rows():在第72行的{path}中抛出#0 {main}
这是完整的文件代码,我已标记第72行
<?php
session_start();
ob_start();
define("ACCESS", "true");
setcookie("cookie_test", "1", 0, '/');
if(!empty($_SERVER['HTTP_CLIENT_IP']))
{
$ip = $_SERVER['HTTP_CLIENT_IP'];
}
elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip = $_SERVER['REMOTE_ADDR'];
}
if(!isset($_POST["username"]) || !isset($_POST["password"]))
{
$_SESSION["lerror_isvarnotset"] = "true";
header('Location: index'); exit(); exit();
}
$username = $_POST["username"];
$password = $_POST["password"];
if(empty($_POST["username"]) || empty($_POST["password"]))
{
$_SESSION["lerror_wrong"] = "__WRONG";
header('Location: index'); exit(); exit();
}
// LENGTH CHECK
/* only one check */ // $correctLEN = "true";
if(strlen($username) < 3 || strlen($username) > 150 || strlen($password) < 3 || strlen($password) > 150)
{
$_SESSION["lerror_wrong"] = "__LENGTH";
header('Location: index'); exit(); exit(); // ON ADDING NEXT CHECK REMOVE
}
// CREATING CONNECTION
require_once "data/database.php"; // this contains $db_host, $db_username etc.
try
{
$conn = new mysqli($db_host, $db_username, $db_password, $db_name);
$hash_password = hash('sha256', hash('sha256', $password));
$result = $conn->query("SELECT * FROM users WHERE u_username='$username' AND u_password='$password'");
if(!$result)
{
$logFile = fopen("log/".uniqid().'_sqlstatement_'.date("Y-m-d_H-i-s").'.log', "w");
fwrite($logFile,
"Date: ".date("d-m-Y H:i:s").PHP_EOL.PHP_EOL.
"User-agent: ".$_SERVER["HTTP_USER_AGENT"].PHP_EOL.PHP_EOL.
"IP-Address: ".$ip.PHP_EOL.PHP_EOL.
"Error: SQL Statement probably wrong in ".__FILE__.' near line '.__LINE__.PHP_EOL.PHP_EOL.
"Read: False"
);
die("An error has occurred, SQL Query is wrong, it has been saved to log."); exit(); exit();
}
*** THIS IS LINE 72 ***: if($result->num_rows() > 1)
{
$logFile = fopen("log/".uniqid().'_adminerrorcount_'.date("Y-m-d_H-i-s").'.log', "w");
fwrite($logFile,
"Date: ".date("d-m-Y H:i:s").PHP_EOL.PHP_EOL.
"User-agent: ".$_SERVER["HTTP_USER_AGENT"].PHP_EOL.PHP_EOL.
"IP-Address: ".$ip.PHP_EOL.PHP_EOL.
"Error: There is more than one admin with username '$username'".PHP_EOL.PHP_EOL.
"Read: False"
);
die("An error has occured, there are more than one administrator with that username and password, it has been saved to log.");
}
elseif($result->num_rows() < 1)
{
$_SESSION["lerror_wrong"] = "__WRONG";
header('Location: index'); exit(); exit();
}
$row = $result->fetch_assoc();
if($row["u_issuspended"] == "false")
{
}
else
{
$_SESSION["lerror_wrong"] = "__SUSPEND";
header('Location: index'); exit(); exit();
}
}
catch(PDOException $e)
{
$logFile = fopen("log/".uniqid().'_dberror_'.date("Y-m-d_H-i-s").'.log', "w");
fwrite($logFile,
"Date: ".date("d-m-Y H:i:s").PHP_EOL.PHP_EOL.
"User-agent: ".$_SERVER["HTTP_USER_AGENT"].PHP_EOL.PHP_EOL.
"IP-Address: ".$ip.PHP_EOL.PHP_EOL.
"Error: ".$e->getMessage().PHP_EOL.PHP_EOL.
"Read: False"
);
print "An error has occurred while tried to connect to database, it has been saved to log.";
die(); die();
}
提前谢谢
答案 0 :(得分:-1)
在这一行...
if($result = $conn->query("SELECT * FROM users WHERE u_username='$username' AND u_password='$password'") === FALSE)
您正在将$result设置为比较查询返回值=== false。
这将导致$result为布尔值。
此外,num_rows是属性,而不是方法。所以没有括号:if ($result->num_rows > 1)