-1

我正在努力转换为 MYSQLi。我还没有完全有信心的事情。我在尝试分解脚本的这一部分时遇到错误。

 <?php 
// Parse the form data and add inventory item to the system

if (isset($_POST['username'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $level = ($_POST['level']);
    // See if that product name is an identical match to another product in the system
    include "includes/db_conx.php"; 

    $sql = "SELECT id FROM users WHERE username='$username' LIMIT 1";
    $user_query = mysqli_query($db_conx, $sql);
    $productMatch = mysqli_num_rows($sql); // count the output amount

    if ($productMatch > 0) {
       header("location: message.php?msg=usererror");
       exit();
    }
    // Add this product into the database now
    $username = preg_replace('#[^a-z0-9]#i', '', $_POST['username']);
    $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
    $email = mysqli_real_escape_string($_POST['email']);
    $p_hash = md5($password);
    $sql = mysqli_query("INSERT INTO users (username, password, ip, email, level, date_added) 
        VALUES('$username','$p_hash','$ip','$email','$level',now())") or die (mysql_error());
    header("location: order_complete.php"); 
    exit();
}
?>

我相信我已经完成了大部分工作,但下半场让我感到不适。我试图建立过去

// 现在将此产品添加到数据库中

mysqli 转换。我似乎无法阻止自己破坏脚本并抛出各种错误。我相信我已经完成了一半,但引入 select 让我失望。有人可以帮我弄清楚这一点。

4

2 回答 2

0

您将 $sql 作为参数传递给 mysqli_num_rows(),它应该是 mysqli_query() 的结果。

所以改成这个。

$sql = "SELECT id FROM users WHERE username='$username' LIMIT 1";
$user_query = mysqli_query($db_conx, $sql);
$productMatch = mysqli_num_rows($user_query); // count the output amount

该变量的更好名称可能是 $user_result 或带有单词 result in 的名称。

于 2013-07-26T08:49:41.913 回答
-1

检查下面提到的代码。

if (isset($_POST['username'])) {    

    $username = $_POST['username'];
    $password = $_POST['password'];

    $level = ($_POST['level']);
    // See if that product name is an identical match to another product in the system
     include "includes/db_conx.php"; // I guess it has $db_conx =  mysqli_connect("localhost", "my_user", "my_password", "world");

    $sql = "SELECT id FROM users WHERE username='$username' LIMIT 1";
    $user_query = mysqli_query($db_conx, $sql);
    $productMatch = mysqli_num_rows($user_query); // count the output amount

    if ($productMatch > 0) {

           header("location: message.php?msg=usererror");
        exit();
    }
    // Add this product into the database now
    $username = preg_replace('#[^a-z0-9]#i', '', $_POST['username']);
    $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));

    $email = mysqli_real_escape_string($db_conx, $_POST['email']);

    $p_hash = md5($password);

$sql = mysqli_query($db_conx, "INSERT INTO users (username, password, ip, email, level, date_added) VALUES('$username','$p_hash','$ip','$email','$level',now())") or die (mysqli_error($db_conx));

    header("location: order_complete.php"); 
    exit();
}
于 2013-07-26T06:22:25.093 回答