-1

我有一个表格,要求用户输入他们的电子邮件地址才能收到密码重置电子邮件。在发送电子邮件之前,我正在尝试将电子邮件与数据库中的现有电子邮件进行比较;如果电子邮件不存在,则脚本不应发送重置电子邮件。我一直在阅读发布的问题/回复,并在谷歌上搜索了好几个小时,以及更改代码以删除空格或调整语法,但没有什么能让我摆脱这个 #1064 错误消息......'bouts ta give up ...

我得到的错误是: 您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以在第 1 行 SQL 的“@rocketmail.com”附近使用正确的语法:SELECT customer_id FROM customer WHERE customer_email = user@rocketmail.com

$sql = "SELECT customer_id FROM customer WHERE customer_email = ".$_POST['email'];
$result = mysqli_query($db, $sql) or die(mysqli_error($db)."<br />SQL: $sql");
$num_rows = mysql_num_rows($result);

if($num_rows < 1) {
$problem = TRUE;
$error_message .= '<p class="errorctr">Email was not found in our database.</p>';
}
4

3 回答 3

0

您必须将字符串值括在引号中,否则肯定会出现语法错误。你的 PHP 语法很好,MySQL 不是

$sql = "SELECT customer_id FROM customer WHERE customer_email = '".mysqli_real_escape_string($db,$_POST['email'])."'";

稍后在您的代码中也有mysql_num_rows,应该mysqli_num_rows是这样的

$num_rows = mysqli_num_rows($result);
于 2013-08-15T06:03:33.393 回答
0

说到你真正需要尝试的,它是PDO

$sql = "SELECT customer_id FROM customer WHERE customer_email = ?";
$stm = $pdo->prepare($sql);
$stm->execute(array($_POST['email']));
$id  = $stm->fetchColumn();
if(!$id) {
    ...
于 2013-08-15T06:27:26.750 回答
-1

尝试这个:

         $email = $_POST['email'];
         $sql = "SELECT customer_id FROM customer WHERE customer_email = '".mysqli_real_escape_string($db,$email )."'";
   $result = mysqli_query($db, $sql) or die(mysqli_error($db)."<br />SQL: $sql");

   while($row = mysqli_fetch_array($result)){

        if(!$row['customer_email']){
         echo '<p class="errorctr">Email was not found in our database.</p>';
               }

      }
于 2013-08-15T06:24:19.910 回答