0

我无法弄清楚我的 phpscript 的这一部分有什么问题。登录成功,但我无法从正确的帐户检索数据。谁能看看这部分脚本是否有问题?

            $_SESSION['ingelogd'] = true;
            $_SESSION['profiel'] = $rij['Type'];
            $_SESSION['gebruikerID'] = $rij ['Account_nr']; 
            // Gebruiker succesvol ingelogd, gegevens opslaan in sessie enzo ...
            if(strcmp($rij['Type'],"bedrijf")==0){
                $query2 = "SELECT * FROM account_bedrijf WHERE Account_nr = '" . $_SESSION['gebruikerID'] . "limit 1' ";
                $result2 = mysql_query( $query2 ) or trigger_error( mysql_error() );
                if( mysql_num_rows( $result2 ) == 0 ) {
                    session_unset();
                    echo 'Ongeldige gebruikersnaam en/of wachtwoord';
                } else {
                    $_SESSION['company'] = $result->Bedrijf_nr;
                    header( 'Location: company_profile.php' ) ;
4

2 回答 2

2 
SELECT * FROM account_bedrijf WHERE Account_nr = '" . $_SESSION['gebruikerID'] . "limit 1' ";

将产生以下 SQL 语句(如果 gebruikerID 为 5):

SELECT * FROM account_bedrijf WHERE Account_nr = '5limit 1'

您忘记插入空格并且没有将 id 放在单引号之间。更正确的是:

SELECT * FROM account_bedrijf WHERE Account_nr = '" . $_SESSION['gebruikerID'] . "' limit 1";

这将产生一个更正确的

SELECT * FROM account_bedrijf WHERE Account_nr = '5' limit 1
于 2012-07-26T14:11:05.970 回答
0

我重写代码。我放了一点 mysql_error 以便您可以查看是否发生了 mysql 错误。

   <?php
    $_SESSION['ingelogd'] = true;
    $_SESSION['profiel'] = $rij['Type'];
    $_SESSION['gebruikerID'] = $rij['Account_nr'];
    // Gebruiker succesvol ingelogd, gegevens opslaan in sessie enzo ...
    if (strcmp($rij['Type'], "bedrijf") == 0)
    {
        // Define variables
        $session_var = $_SESSION['gebruikerID'];
        $query2 = "SELECT * FROM account_bedrijf WHERE Account_nr='$session_var' LIMIT 1";
        // Do the query // use mysql error for debugging
        $result2 = mysql_query($query2) or die(mysql_error());
        if (mysql_num_rows($result2) == 0)
        {
            session_unset();
            echo 'Ongeldige gebruikersnaam en/of wachtwoord';

        } else
        {
            $_SESSION['company'] = $result->Bedrijf_nr;
            header('Location: company_profile.php');
        }
    }
    ?>
于 2012-07-26T14:17:18.060 回答