0

我几乎可以肯定以下行是错误的:

if ($mQuery){


但由于 num_rows 不起作用,我正在使用它。
如果条件不正确,我应该改变什么?

我的 PHP 登录代码:

<?php
    $mysqli = mysqli_connect("localhost","myUser","myPass","myDB");
    $error = false;

    $mQuery = $mysqli->query('SELECT * FROM usuarios WHERE usuario = '.$mysqli->real_escape_string(md5($_POST['usuario'])).' AND  senha = '.$mysqli->real_escape_string(md5($_POST['senha'])));

    if ($mQuery){
        $mAjax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) and strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
        if ($mAjax)
        {
            header('Cache-Control: no-cache, must-revalidate');
            header('Expires: '.date('r', time()+(86400*365)));
            header('Content-type: application/json');

            echo json_encode(array(
            'logged' => !$error
            ));
            exit();
        }
        elseif (!$error)
        {
            exit();
        }
    }
?>
4

1 回答 1

0

尝试更改您的查询

$mQuery = $mysqli->query('SELECT * FROM usuarios WHERE usuario = '.$mysqli->real_escape_string(md5($_POST['usuario'])).' AND  senha = '.$mysqli->real_escape_string(md5($_POST['senha'])));


$mQuery = $mysqli->query("SELECT * FROM usuarios WHERE usuario = '" . 
          $mysqli->real_escape_string(md5($_POST['usuario'])) . 
          "' AND  senha = '" . 
          $mysqli->real_escape_string(md5($_POST['senha'])) . "'");
于 2013-05-02T21:07:08.870 回答