Php mysql\u num\u rows():提供的参数不是15中的有效mysql结果资源
每次尝试运行脚本时,我都会遇到这样的错误,即提供的参数不是有效的mysql结果资源。我不太清楚它为什么要这样做。我的目标是让它检查登录的客户机是否是管理员Php mysql\u num\u rows():提供的参数不是15中的有效mysql结果资源,php,mysql,mysql-num-rows,Php,Mysql,Mysql Num Rows,每次尝试运行脚本时,我都会遇到这样的错误,即提供的参数不是有效的mysql结果资源。我不太清楚它为什么要这样做。我的目标是让它检查登录的客户机是否是管理员 <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { $user = $_SESSION['u
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$user = $_SESSION['user'];
//connect
$connect = mysql_connect("localhost","*******_robert","***********") or die ("Couldn't Connect"); //host,username,password
mysql_select_db("virtua15_gateway") or die ("Could not find database");
//query
$get = mysql_query("SELECT * FROM Users WHERE username='$user'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
header( 'Location: index2.php' );
$_SESSION['username']=$dbusername;
}
else
echo "incorrect username and password";
}
else
die ("This user does not exist");
}
else
die("Please enter a username and a password");
while($get = mysql_fetch_assoc($get))
{
$admin = $row['admin'];
}
if ($admin==0)
die ("You are not and admin!");
header('Location: index2.php')
?>
那么,是$get
还是$query
?调用查询资源$get,然后将其作为$query传递。选择一个:)
此外,在查询失败时添加错误检查(die()或trigger_error())
可能还值得注意的是,您需要转义任何输入,而不是直接在查询中输入(即使是从$\u会话或$\u COOKIES,而不仅仅是$\u POST)。用这个。您不应以明文形式存储密码,可能会使用或更好的哈希算法。使用以下方法:
$get = mysql_query("SELECT * FROM Users WHERE username='$user'");
$numrows = mysql_num_rows($get);
而不是:
将$query更改为$get我很确定我已经看到过这种问题。。。[提示:检查右侧“相关”选项卡下的问题---->]可能重复
$query = mysql_query("SELECT * FROM Users WHERE username='$user'");
$numrows = mysql_num_rows($query);
$get = mysql_query("SELECT * FROM Users WHERE username='$user'");
$numrows = mysql_num_rows($get);
$get = mysql_query("SELECT * FROM Users WHERE username='$user'");
$numrows = mysql_num_rows($query);
$get = mysql_query("SELECT * FROM Users WHERE username='$user'");
$numrows = mysql_num_rows($get);