-1

我有一个将值传递给 log.php 的 html 页面:

<?php 
$PHONE = $_POST['pass'];

mysql_connect('host.com', 'user', 'pass'); mysql_select_db('userdb');  

$results = mysql_query(sprintf("SELECT FNAME,LNAME FROM `details` WHERE PASS='$PASS'",
mysql_real_escape_string($PASS))) or die(mysql_error()); while($row = mysql_fetch_assoc($results))
{ $rows[1] = $row; }
echo "Welcome ";
echo "$rows[1][FNAME]." ".$rows[1][LNAME]"
echo " you are logged in successfully"

?>

当值“pass”未在数据库中注册时,我以这种形式在 log.php 文件中得到结果:

Welcome [//here user's first & last name if registered or remains blank] you are logged in successfully

我创建了表格“详细信息”

FNAME-First name
LNAME-Lastname
BIRTHDAY-Birthday
PHONE- user's no.
PASS- user's password.

我的问题是,当传递值未在数据库中注册时,我只想显示“您不是注册用户”。任何帮助都会很好吗?

4

3 回答 3

1

只需检查您是否真的使用mysql_num_rows获得记录,

$results = mysql_query(sprintf("SELECT FNAME,LNAME FROM `details` WHERE PASS='$PASS'",
           mysql_real_escape_string($PASS))) or die(mysql_error());
if(mysql_num_rows($results) > 0){
   while($row = mysql_fetch_assoc($results))
   { 
      $rows[1] = $row; 
   }
   echo "Welcome ";
   echo $rows[1]['FNAME']." ".$rows[1]['LNAME'];
   echo "You are logged in successfully";
}
else{
    //Redirect them back with error message
    header("Location: http://www.example.com/index.php?err='You are not registered user'");
}

注意: 请不要mysql_*在新代码中使用函数。它们不再被维护并被正式弃用。看到红框了吗?改为了解准备好的语句,并使用PDOMySQLi -本文将帮助您决定使用哪个。如果您选择 PDO,这里有一个很好的教程

于 2013-06-24T06:15:12.863 回答
0

您在 $phone 变量中获取了密码的值,并且在选择查询中使用了 PASS= $PASS 那么它如何运行?

更改它然后运行如下:

$results = mysql_query(sprintf("SELECT FNAME,LNAME FROM `details` WHERE PASS='$PHONE'",
mysql_real_escape_string($PHONE))) or die(mysql_error());
于 2013-06-24T06:32:09.670 回答
0 
if(empty($rows[1][FNAME])){
    echo 'You are not registered user';
}
else{
    echo "Welcome ";
    echo "$rows[1][FNAME]." ".$rows[1][LNAME]";
    echo " you are logged in successfully";
}
于 2013-06-24T06:15:01.280 回答