-1

对不起..我只是想早点澄清我的帖子。

<?php

        $db = pg_connect("host=localhost dbname=dbname user=user password=password");

        $sql = "SELECT * FROM users WHERE user_id = 8320 AND password = 'admin' ";
        $query = pg_query($sql);
        $row = pg_fetch_array($query);
        var_dump($row); //DUMPS EXACTLY WHAT I WANTED.. BUT WHEN I put it on a function like this.

?>


<?php
        function checkLogin($user_id, $password)
        {
        $db = pg_connect("host=localhost dbname=dbname user=user password=password");

        $sql = "SELECT * FROM users WHERE user_id = $user_id AND password = $password ";
        $query = pg_query($sql);
        $row = pg_fetch_array($query);
        return $row;
        }
?>


//CALL HERE

$data = checkLogin(8320, 'admin'); var_dump($data); // 转储 NULL

为什么会这样?

4

4 回答 4

1

您传递$upassword和使用的密码值$password应该用引号括起来,如下所示,

"SELECT * FROM users WHERE user_id = $user_id AND password = '$password'"
于 2013-06-17T04:55:11.560 回答
0 
$sql = "SELECT * FROM users WHERE user_id = $user_id AND password = $password ";

should be

$sql = "SELECT * FROM users WHERE user_id = $user_id AND password = '$password' ";
于 2013-06-17T05:14:09.837 回答
0

问题就在这里...

function checkLogin($user_id, $upassword)  //passing $upassword not $password

您传入$upassword 但不使用它,而是使用..just$password

 $sql = "SELECT * FROM users WHERE user_id = $user_id AND password = '$password'";

改成...

 $sql = "SELECT * FROM users WHERE user_id = $user_id AND password = '$upassword'";

简单的被忽略的语法错误:)

于 2013-06-17T04:53:47.410 回答
-1

跟进 Vinoth 的回答,如果 $user_id 将成为一个也需要用引号括起来的字符串。并注意清理用户提交的输入。

于 2013-06-17T05:09:45.217 回答