0

当我的 login.php 文件加载时出现此错误。'警告:mysql_num_rows():提供的参数不是有效的 MySQL 结果资源'这是我所拥有的..

$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
    $dbusername = $row['username'];
    $dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
    echo "Youre in!";
}
else
    echo "Incorrect Password!";
}
else
    die("That user doesnt exist!");
}
else
die("Please enter a username and a password!");
?>
4

2 回答 2

0

将此添加到文件的顶部

ini_set('display_errors', 'on');
error_reporting(E_ALL | E_STRICT);

这个“应该”显示您的语法错误,无论如何,您的问题是语法错误

下面的代码应该让您更接近最终目的地

<?
ini_set('display_errors', 'on');
error_reporting(E_ALL | E_STRICT);

if($username) {
    $query = mysql_query("SELECT * FROM users WHERE username='$username'");
    $numrows = mysql_num_rows($query);
    if($numrows!=0) {
        while ($row = mysql_fetch_assoc($query)) {
            $dbusername = $row['username'];
            $dbpassword = $row['password'];
        }

        if ($username==$dbusername&&$password==$dbpassword) {
            echo "Youre in!";
        } else {
            echo "Incorrect Password!";
        }
    } else {
        die("That user doesnt exist!");
    }
} else {
    die("Please enter a username and a password!");
}
于 2012-11-01T16:24:43.167 回答
0

你错过了一些大括号:

$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
    while ($row = mysql_fetch_assoc($query))
    {
        $dbusername = $row['username'];
        $dbpassword = $row['password'];
    }
    if ($username==$dbusername&&$password==$dbpassword)
    {
        echo "Youre in!";
    }
    else
        echo "Incorrect Password!";
    }
} else // <- THIS ONE
    die("That user doesnt exist!");
}
// And here another, in a if condition that isn't started in the code you give.
else
die("Please enter a username and a password!");
?>

服务器可以配置为如果出现错误,则页面留空。

mySQL 登录的其他一些技巧:永远不要将用户输入直接放在 MySQL 查询语句中!然后很容易通过 SQL 注入来入侵您的网站。

更多详情: http: //www.derby-web-design-agency.co.uk/blog-post/how-to-create-a-secure-login-system-in-php-part-1/12/

于 2012-11-01T16:31:43.740 回答