0

我试图通过根据会话上的用户名显示数据库中的用户数据来让我的会话变量用户名与我的数据库一起使用。

但是,我的脚本不起作用。我应该在这里做什么?

<?php session_start(); ?>
<?php include "includes/connection.php"; ?>
<?php

$query = mysql_query("SELECT id, username, password, email, name, aim, admin, time,        phone, address
FROM users 
WHERE username = $_SESSION['myusername']");


while($row = mysql_fetch_object($query) ) 
{ 
echo "$row->Id<br />";

echo "Username: . $row['id']";<br />"

//echo "$row->Password<br />";

//echo "$row->Email<br />"; 

//echo "$row->Name<br />";

//echo "$row->Aim<br />";

//echo "$row->Admin?<br />";

//echo "$row->Time<br />";

//echo "$row->Phone<br />";

//echo "$row->Address<br />";
}

?>

该脚本不工作,而是在屏幕上显示以下内容:

请参阅: http ://www3.londonmet.ac.uk:8008/~iia0014/userdetails.php

4

1 回答 1

1

你有很多事情是错的。html你在和php 使用引号之间混合。

和它之间的Id不同id

你还必须逃避你的变量,

看这个

    $myusername = mysql_real_escape_string($_SESSION['myusername']);
   $query = mysql_query("SELECT id, username, password, email, name, aim, admin, time,        phone, address
     FROM users 
 WHERE username = '".$myusername."' ");


 while($row = mysql_fetch_array($query) ) 
 { 
echo $row['id'] ."<br />";

echo "Username:" . $row['username']."<br />" ;

 ....
 ....  //continue same method as above by caring the quotes in their places . dont mix them with php


}

?>

我建议您使用 PDO 或 MYSQLI LOOK THIS已弃用。所以最好转向 PDO 或 SQLI

  • mysql_fetch_object() is similar to mysql_fetch_array(), with one difference - an object is returned, instead of an array. Indirectly, that means that you can only access the data by the field names, and not by their offsets (numbers are illegal property names).
于 2013-01-02T23:56:43.480 回答