我正在创建一个网站,该网站根据用户选择的食谱生成购物清单。但是我在用户登录/会话密钥方面遇到问题。数据正在从数据库中推送/拉出,但随后出现错误
警告:mysqli_query()希望参数2为字符串,在第32行的/opt/lampp/htdocs/GroceryBasket-Web/register.php中给出的对象
警告:mysqli_fetch_array()期望参数1为mysqli_result,在第36行的/opt/lampp/htdocs/GroceryBasket-Web/register.php中给出的值为空
<?php
session_start();
require_once('config.php');
$conn = mysqli_connect(DBHOST,DBUSER,DBPASS,DBNAME);
if(!$conn){
die('could not connect' . mysqli_error());
}
echo 'CONNECTED TO DB';
if(isset($_POST['login'])){
//login
$email = mysqli_real_escape_string($conn,$_POST['email']);
$password = mysqli_real_escape_string($conn,$_POST['password']);
$strSQL = mysqli_query($conn,"SELECT UserName from User_Info where Email='".$email."' and Password='".md5($password)."'");
$Results = mysqli_fetch_array($strSQL);
if(($Results)>=1)
{
$message = $Results['UserName']." Login Sucessfully!!";
}
else
{
$message = "Invalid email or password!!";
}
$qry = mysqli_query($conn, $strSQL);
while($row=mysqli_fetch_array($qry)) {
$dbemail = $row['email'];
$dbpassword = $row['password'];
if ($email == $dbemail && $password == $dbpassword) {
$_SESSION['email'] = $email;
header("location: home.php");
}
}
}
elseif(isset($_POST['reg_user']))
{ //REGISTER
$username = mysqli_real_escape_string($conn,$_POST['username']);
$email = mysqli_real_escape_string($conn,$_POST['email']);
$password = mysqli_real_escape_string($conn,$_POST['password']);
$query = "SELECT Email FROM User_Info where Email='".$email."'";
$result = mysqli_query($conn,$query);
$numResults = mysqli_num_rows($result);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) // Validate email address
{
$message = "Invalid email address please type a valid email!!";
}
elseif($numResults>=1)
{
$message = $email." Email already exist!!";
}
else
{
$qry= mysqli_query($conn,"INSERT into User_Info(Email,UserName,Password) VALUES('".$username."','".$email."','".md5($password)."')");
if($qry) {
$_SESSION['email'] = $email;
header("location: home.php");
}
$message = "Signup Sucessfully!!";
}
}
?>