Php SQL查询检索不到正确的结果
下面是我的login.php脚本,用于确定是否允许用户进入Php SQL查询检索不到正确的结果,php,mysql,Php,Mysql,下面是我的login.php脚本,用于确定是否允许用户进入 <?php if(isset($_POST['submitted'])) { $errors= array(); $username = ($_POST['username']); $pass = ($_POST['pass']); $shapass = sha1($pass); $_POST['username'] = filter_var($_POST['username'], FILTER_SANITIZE_ST
<?php
if(isset($_POST['submitted']))
{
$errors= array();
$username = ($_POST['username']);
$pass = ($_POST['pass']);
$shapass = sha1($pass);
$_POST['username'] = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
if ($_POST['username'] == "") {
$errors[] = "Please enter your username.";
}
if ($_POST['pass'] == "") {
$errors[] = "Please enter your password.";
}
if(is_array($errors))
{
echo '<font color="red"><div align="center" class="error"><span></span><ul>';
while (list($key,$value) = each($errors))
{
echo '<li>'.$value.'</li><br />';
}echo'</ul></div></font>';
}
if(empty($errors))
{
$user_name = "root";
$password = "";
$database = "rsswebapp";
$server = "127.0.0.1";
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found)
{
$match = "Select ROWID,EMAIL,PWD from `user` ".
" where (USERNAME='$username' OR EMAIL='$username') and PWD='$shapass' ";
$qry = mysql_query($match);
/*
$uid = isset($_POST['username']) ? $_POST['username'] : $_SESSION['username'];
$pwd = isset($_POST['pass']) ? $_POST['pass'] : $_SESSION['pass'];
*/
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
//unset($_SESSION['uid']);
//unset($_SESSION['pwd']);
header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username $username with the specified password.Try again!")));
}
else
{
session_start();
$_SESSION['ROWID'] = $sid ;
header("location:dashboard.php");
}
mysql_close($db_handle);
}
else {
print "Database NOT Found ";
mysql_close($db_handle);
}
}
}
?>
定义要为其显示URL的用户id
$user_id = 1;
运行简单的非联接查询
SELECT
`rssfeeds`.`URL`
FROM
`rssfeeds`
WHERE
`rssfeeds`.`USERID`='$user_id'
如果出于某种原因还需要用户表中的数据,则可以运行此查询
SELECT
`rssfeeds`.`URL`
FROM
`rssfeeds`
LEFT JOIN `user` ON (`rssfeeds`.`USERID`=`user`.`ROWID`)
WHERE
`user`.`ROWID`='$user_id'
OP:
我将数据存储在rssfeeds中,如下所示()。当我运行此查询时:从rssfeeds中选择rssfeeds.URL,其中rssfeeds.USERID=2在phpmyadmin上,我得到了如下内容()。我不明白的是如何使用PHP以单个链接的形式获得这个结果。我是这样做的谢谢
$query=“从rssfeeds中选择URL、标题作为rss,其中rss.USERID=”$\u会话['ROWID']。”;
$result=mysql\u query($query);
如果($结果){
while($row=mysql\u fetch\u assoc($result)){
回声“;
回声“
”;
}
}
用户表:
CREATE TABLE `User` (
`ROWID` int(11) NOT NULL,
`USERNAME` varchar(45) DEFAULT NULL,
`EMAIL` varchar(45) DEFAULT NULL,
`PWD` varchar(45) DEFAULT NULL,
PRIMARY KEY (`ROWID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
CREATE TABLE `RssFeeds` (
`RssfeedId` int(11) NOT NULL,
`USERID` int(11) NOT NULL,
`TITLE` varchar(45) DEFAULT NULL,
`URL` text,
PRIMARY KEY (`RssfeedId`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID WHERE ROWID = 1;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD | URL | TITLE |
+-------+----------+-------+------+-------+-------+
| 1 | a | a | a | u1,u2 | t1,t2 |
+-------+----------+-------+------+-------+-------+
1 row in set (0.00 sec)
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
//unset($_SESSION['uid']);
//unset($_SESSION['pwd']);
header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username $username with the specified password.Try again!")));
} else {
session_start();
$_SESSION['ROWID'] = $sid ;
header("location:dashboard.php");
}
RssFeeds表:
CREATE TABLE `User` (
`ROWID` int(11) NOT NULL,
`USERNAME` varchar(45) DEFAULT NULL,
`EMAIL` varchar(45) DEFAULT NULL,
`PWD` varchar(45) DEFAULT NULL,
PRIMARY KEY (`ROWID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
CREATE TABLE `RssFeeds` (
`RssfeedId` int(11) NOT NULL,
`USERID` int(11) NOT NULL,
`TITLE` varchar(45) DEFAULT NULL,
`URL` text,
PRIMARY KEY (`RssfeedId`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID WHERE ROWID = 1;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD | URL | TITLE |
+-------+----------+-------+------+-------+-------+
| 1 | a | a | a | u1,u2 | t1,t2 |
+-------+----------+-------+------+-------+-------+
1 row in set (0.00 sec)
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
//unset($_SESSION['uid']);
//unset($_SESSION['pwd']);
header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username $username with the specified password.Try again!")));
} else {
session_start();
$_SESSION['ROWID'] = $sid ;
header("location:dashboard.php");
}
用户表中的记录
mysql> select * from User;
+-------+----------+-------+------+
| ROWID | USERNAME | EMAIL | PWD |
+-------+----------+-------+------+
| 1 | a | a | a |
| 2 | b | b | b |
| 3 | c | c | c |
+-------+----------+-------+------+
3 rows in set (0.00 sec)
mysql> select * from RssFeeds;
+-----------+--------+-------+------+
| RssfeedId | USERID | TITLE | URL |
+-----------+--------+-------+------+
| 1 | 1 | t1 | u1 |
| 2 | 1 | t2 | u2 |
| 3 | 2 | t3 | u3 |
| 4 | 2 | t4 | u4 |
+-----------+--------+-------+------+
4 rows in set (0.00 sec)
在RssFeeds表中记录
mysql> select * from User;
+-------+----------+-------+------+
| ROWID | USERNAME | EMAIL | PWD |
+-------+----------+-------+------+
| 1 | a | a | a |
| 2 | b | b | b |
| 3 | c | c | c |
+-------+----------+-------+------+
3 rows in set (0.00 sec)
mysql> select * from RssFeeds;
+-----------+--------+-------+------+
| RssfeedId | USERID | TITLE | URL |
+-----------+--------+-------+------+
| 1 | 1 | t1 | u1 |
| 2 | 1 | t2 | u2 |
| 3 | 2 | t3 | u3 |
| 4 | 2 | t4 | u4 |
+-----------+--------+-------+------+
4 rows in set (0.00 sec)
按用户列出的RssFeeds
mysql> select u.*,r.URL from User as u Left Join RssFeeds as r On u.ROWID = r.USERID;
+-------+----------+-------+------+------+
| ROWID | USERNAME | EMAIL | PWD | URL |
+-------+----------+-------+------+------+
| 1 | a | a | a | u1 |
| 1 | a | a | a | u2 |
| 2 | b | b | b | u3 |
| 2 | b | b | b | u4 |
| 3 | c | c | c | NULL |
+-------+----------+-------+------+------+
5 rows in set (0.00 sec)
使用分组法
mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID GROUP BY u.ROWID;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD | URL | TITLE |
+-------+----------+-------+------+-------+-------+
| 1 | a | a | a | u1,u2 | t1,t2 |
| 2 | b | b | b | u3,u4 | t3,t4 |
| 3 | c | c | c | NULL | NULL |
+-------+----------+-------+------+-------+-------+
3 rows in set (0.01 sec)
针对特定用户:
CREATE TABLE `User` (
`ROWID` int(11) NOT NULL,
`USERNAME` varchar(45) DEFAULT NULL,
`EMAIL` varchar(45) DEFAULT NULL,
`PWD` varchar(45) DEFAULT NULL,
PRIMARY KEY (`ROWID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
CREATE TABLE `RssFeeds` (
`RssfeedId` int(11) NOT NULL,
`USERID` int(11) NOT NULL,
`TITLE` varchar(45) DEFAULT NULL,
`URL` text,
PRIMARY KEY (`RssfeedId`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID WHERE ROWID = 1;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD | URL | TITLE |
+-------+----------+-------+------+-------+-------+
| 1 | a | a | a | u1,u2 | t1,t2 |
+-------+----------+-------+------+-------+-------+
1 row in set (0.00 sec)
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
//unset($_SESSION['uid']);
//unset($_SESSION['pwd']);
header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username $username with the specified password.Try again!")));
} else {
session_start();
$_SESSION['ROWID'] = $sid ;
header("location:dashboard.php");
}
基于OP提出的新问题的新答案:
以下是调试代码时的一些提示以及我是如何发现问题的:
1) 使用以下代码将php错误报告添加到php文件:
ini_set('display_errors',1);
error_reporting(E_ALL);
2) 在if
和中进行回声,同时/for
循环查看是否满足条件
3) Echovar_dump()
用于在使用变量查看实际运行的查询时执行的查询:
$query = "SELECT TITLE, URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";
echo var_dump($query);
$result = mysqli_query($db_handle,$query);
修复方法如下:
CREATE TABLE `User` (
`ROWID` int(11) NOT NULL,
`USERNAME` varchar(45) DEFAULT NULL,
`EMAIL` varchar(45) DEFAULT NULL,
`PWD` varchar(45) DEFAULT NULL,
PRIMARY KEY (`ROWID`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
CREATE TABLE `RssFeeds` (
`RssfeedId` int(11) NOT NULL,
`USERID` int(11) NOT NULL,
`TITLE` varchar(45) DEFAULT NULL,
`URL` text,
PRIMARY KEY (`RssfeedId`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1
mysql> select u.*,GROUP_CONCAT(r.URL) as URL,GROUP_CONCAT(TITLE) as TITLE from User as u Left Join RssFeeds as r On u.ROWID = r.USERID WHERE ROWID = 1;
+-------+----------+-------+------+-------+-------+
| ROWID | USERNAME | EMAIL | PWD | URL | TITLE |
+-------+----------+-------+------+-------+-------+
| 1 | a | a | a | u1,u2 | t1,t2 |
+-------+----------+-------+------+-------+-------+
1 row in set (0.00 sec)
$num_rows = mysql_num_rows($qry);
if ($num_rows <= 0) {
//unset($_SESSION['uid']);
//unset($_SESSION['pwd']);
header('location:index.php?msg=' . urlencode(base64_encode("Sorry, there is no username $username with the specified password.Try again!")));
} else {
session_start();
$_SESSION['ROWID'] = $sid ;
header("location:dashboard.php");
}
另外,在myfeed.php中:
$query = "SELECT URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";
if($result)
{
echo "BG </br>";
// while($row = mysqli_fetch_assoc($result)) {
while($row = $result->fetch_array()){
// while( ($row = mysql_fetch_assoc($result))!== false){
//echo "WELL DONE";
echo "{$row["TITLE"]} {$row["URL"]} </br>" ;
// $r[$index] = $row["URL"];
// $index++;
// printf ("%s \n", $row["URL"]);
}
echo "HX";
应该是以下内容:(您没有检索标题
字段,尽管您稍后试图在脚本中调用它。)
最后,你回显结果的语法是错误的。myfeed.php中还包含以下内容:
$query = "SELECT URL FROM rssfeeds as rss WHERE rss.USERID='" . $_SESSION["ROWID"] . "'";
if($result)
{
echo "BG </br>";
// while($row = mysqli_fetch_assoc($result)) {
while($row = $result->fetch_array()){
// while( ($row = mysql_fetch_assoc($result))!== false){
//echo "WELL DONE";
echo "{$row["TITLE"]} {$row["URL"]} </br>" ;
// $r[$index] = $row["URL"];
// $index++;
// printf ("%s \n", $row["URL"]);
}
echo "HX";
if($result)
{
回声“BG”;
//while($row=mysqli\u fetch\u assoc($result)){
而($row=$result->fetch_array()){
//while(($row=mysql\u fetch\u assoc($result))!==false){
//呼应“干得好”;
回显“{$row[“TITLE”]}{$row[“URL”]}”;
//$r[$index]=$row[“URL”];
//$index++;
//printf(“%s\n”,$row[“URL”]);
}
回声“HX”;
应该是:
if($result){
echo "BG </br>";
while($row = $result->fetch_array()){
echo $row["TITLE"]." ".$row["URL"]." </br>" ;
}
echo "HX";
if($result){
回声“BG”;
而($row=$result->fetch_array()){
echo$row[“TITLE”]。$row[“URL”]。“”;
}
回声“HX”;
最后一点注意,您在login.php中使用的是mysql\u*
扩展,但在myfeeds.php中使用的是mysqli\u*
扩展,您应该将不推荐的扩展的所有实例转换为新的扩展。大多数/所有已注释的代码都可以删除,因为不需要。请测试这些更改并让我知道它是如何工作的这里需要一些WHERE
子句。如果在登录后将USERID
存储在某个变量中,您甚至可能不需要加入表。@Eggplant我认为执行内部联接与=语句完全相同,因为调度程序使用的是相同的,不是吗?@DavidLevel它与什么相同?我不是说t使用WHERE
子句重写内部联接,而不是使用WHERE rssfeeds.USERID=[some\u id\u here]
,这在这个特定查询中使得联接实际上没有用,因为您没有从“user”中选择任何字段table.@PriyanshuKumar您要查找的查询是从rssfeeds中选择URL,其中USERID=?;
但是如果您对PHP没有足够的熟练程度,无法使用会话变量来存储登录的用户,我建议您在继续项目之前学习该语言。干杯。将id存储在会话变量中并不能e它会自动用于一个甚至没有出现的查询!你使用的查询是错误的,也就是说。在这个查询中,使用这个id来代替?
。从rssfeeds中选择URL,其中USERID=?
。并且不要生气,真的,但是你应该在开始编码之前了解SQL和PHP。每一分钟都在学习ning,你实际上在事后节省了10分钟的时间,更不用说结果的质量了;)所以你建议在“rssfeeds”表中增加一列,该列应该成为主键?如果rssfeeds
表中没有RssfeedId
列,它也可以工作。但是,为了简单起见,每个表都有自己的主键。这不是强制性的。您所建议的不是一个动态可行的解决方案。用户登录到他的帐户,也可能有新的注册者。这意味着我会不断为每个用户更改我的PHP文件。@PriyanshuKumar当用户登录时,将用户id保存为$\u会话[“user\u id”]
,然后您可以设置$user\u id=$\u会话[“user\u id”]
我不是想把你的用户id硬编码成$user\u id
我只是觉得你对那部分已经有足够的理解了。怎么做?我设置了$\u会话[“ROWID”]=$sid;
在从数据库检查用户名和密码匹配后,在我的登录脚本上。然后我将用户重定向到他的仪表板页面,这次我设置了$sid=$\u会话['ROWID'];
并检查会话是否存在。如果存在,我会给他一个链接列表,其中一个是feed。如果单击feed,我会将他重定向到一个url类似于:vproject/dashboard.php?p=myfeed的页面,在那里我使用query:$query=“选择rssfeeds中的URL作为rss,用户作为userrss,其中rss.USERID='$sid'”
,但是什么也不显示。@PriyanshuKumar Try$query=“选择rssfeeds中的URL作为rss,其中rss.USERID=”$_SESSION['ROWID']。“;
当然,在您使用SESSION_start();
启动会话后,我会像这样将数据存储在rssfeeds中。”(图像):.当我运行此query=从rssfeeds
中选择rssfeeds
URL`FROMrssfeeds
WH