代码:
<?php
session_start();
$_SESSION['msg'] = "";
$con = mysql_connect('localhost','me','omglol');
mysql_select_db('test',$con);
$q = mysql_query(sprintf("select * from UserTable where (nick=\"%s\") AND (pass=SHA1(\"%s\"))",$_POST['nick'],$_POST['pass']),$con) or die(mysql_error());
这对我来说是正确的。是的,我知道“测试”存在。并包含用户表。
首先,感谢摆脱将 php4 添加到我忘记的标签中:(
根据 Laser_wizard 的建议,我执行了以下操作:(完整代码):
<?php
session_start();
$_SESSION['msg'] = "";
$con = mysql_connect('localhost','me','omglol');
if(!$con)
{
die("The connection to mysql server is not being made.");
}
$db = 'test';
$selected = mysql_select_db($db,$con);
if(!$selected)
{
die(sprintf("Cannot use database %s.",$db));
}
//$q = mysql_query(sprintf("select * from UserTable where (nick=\"%s\") AND (pass=SHA1(\"%s\"))",$_POST['nick'],$_POST['pass']),$con) or die(mysql_error());
$q = mysql_query("select * from UserTable",$con) or die("The query statement still isn't working");
$row = mysql_fetch_assoc($q);
$dest=0;
if(mysql_num_rows($q)==0)
{
//$testn = mysql_query(sprintf("select * from UserTable where nick=(\"%s\")",$_POST['nick']),$con);
$testn = mysql_query("select * from Category",$con) or die("The 2nd query statement still isn't working");
if(mysql_num_rows($testn)==0)
{
$_SESSION['msg'] = "Nick ".$_POST['nick']." was not found. Check spelling or <a href=\\\"register.php\\\">register</a>";
}
else
{
$_SESSION['msg'] = "Password incorrect";
}
if(isset($_SESSION['attempts']))
{
$_SESSION['attempts'] = $_SESSION['attempts'] + 1;
}
else
{
$_SESSION['attempts'] = 1;
}
mysql_free_result($q);
mysql_free_result($testn);
mysql_close($con);
$dest = 'Location:http://cs4.sunyocc.edu/~me/onestopshop/login.php';
}
else
{
$_SESSION['nick'] = $_POST['nick'];
$_SESSION['email'] = $row['email'];
mysql_free_result($q);
mysql_close($con);
$dest = 'Location:http://cs4.sunyocc.edu/~me/onestopshop/index.php';
}
header($dest);
exit();
?>
与上述相同的错误。所以设置了 $con 并且 $selected 读取为 true,所以我很困惑接下来要检查什么。我猜 mysql_select_db($db,$con); 也不是 $testn 仍然无法正常工作但仍然阅读正确吗?我很困惑下一步该怎么做。