Php mysqli_fetch_array()不检索任何内容
我有一个简单的数据库表“accounts”,其中有3个条目:“user”、“pass”和“ID”。ID是一个整数 我正试图从表中检索ID并将其存储到$\u会话['ID'],但我运气不好 代码如下:Php mysqli_fetch_array()不检索任何内容,php,mysql,sql,mysqli,Php,Mysql,Sql,Mysqli,我有一个简单的数据库表“accounts”,其中有3个条目:“user”、“pass”和“ID”。ID是一个整数 我正试图从表中检索ID并将其存储到$\u会话['ID'],但我运气不好 代码如下: session_start(); // Checks to see if the input account is valid $result = mysqli_query($con,"SELECT * FROM accounts WHERE user='$_POST[user]' AND
session_start();
// Checks to see if the input account is valid
$result = mysqli_query($con,"SELECT * FROM accounts
WHERE user='$_POST[user]'
AND pass='$_POST[pass]'");
//Check to see if account exists
if(!mysqli_fetch_array($result))
{
$_SESSION['loggedin'] = false;
}
else
{
$_SESSION['loggedin'] = true;
$_SESSION['user'] = $_POST['user'];
$id = mysqli_fetch_array($result);
$_SESSION['id'] = $id['ID'];
echo $_SESSION['id'];
}
//header('Location: index1.php/');
?>
在我的index1.php页面上,我确实设法用相同的代码位检索信息,除了$result不使用select语句的WHERE和and子句。您似乎在两次获取数据:一次在
ifelse//Check to see if account exists
if($id!=mysqli_fetch_array($result))
{
$_SESSION['loggedin'] = false;
}
else
{
$_SESSION['loggedin'] = true;
$_SESSION['user'] = $_POST['user'];
$_SESSION['id'] = $id['ID'];
echo $_SESSION['id'];
}
//Check to see if account exists
if(!$result)
{
$_SESSION['loggedin'] = false;
}
else
{
$_SESSION['loggedin'] = true;
$_SESSION['user'] = $_POST['user'];
$id = mysqli_fetch_array($result);
$_SESSION['id'] = $id['ID'];
echo $_SESSION['id'];
}
实际上,您正在获取前两行(每次调用
mysqli\u fetch\u array()// ...
//Check to see if account exists
$row = mysqli_fetch_array($result);
if(!$row)
{
$_SESSION['loggedin'] = false;
}
else
{
$_SESSION['loggedin'] = true;
$_SESSION['user'] = $_POST['user'];
$_SESSION['id'] = $row['ID'];
echo $_SESSION['id'];
}
// ...
正如在注释中提到的,您的代码对SQL注入非常开放。仔细阅读准备好的语句以防止这种情况发生,或者手动清理变量(不建议这样做!)。计算返回的行时会得到什么?mysqli_num_rows($result)在做任何其他事情之前,请先阅读并使用
mysqli$\u POST