Fatal编程技术网
  • php/
  • Php mysql_fetch_assoc-不显示结果

Php mysql_fetch_assoc-不显示结果

php mysql login

Php mysql_fetch_assoc-不显示结果,php,mysql,login,Php,Mysql,Login,我正在尝试使用mysql_fetch_assoc从我的数据库检索结果,但是当我回显以下纯白色屏幕时,我似乎没有得到任何结果: $email_address = $_POST['email_address']; $password = $_POST['password']; if(login($email_address, $password)){ $query = mysql_query("SELECT * FROM `users` WHERE `email_a

我正在尝试使用mysql_fetch_assoc从我的数据库检索结果,但是当我回显以下纯白色屏幕时,我似乎没有得到任何结果:

$email_address = $_POST['email_address'];
    $password = $_POST['password'];

    if(login($email_address, $password)){
        $query = mysql_query("SELECT * FROM `users` WHERE `email_address` = '$email_address' AND `password` = '$password'");
        $row = mysql_fetch_assoc($query);
        echo $row['email_address'];
    }else{
        echo "Invalid login";
    }
你可以试试下面的方法

if (isset($_POST['email_address']) && isset($_POST['password'])) {

$email_address = $_POST['email_address'];
$password = $_POST['password'];

//conection:
$con= mysqli_connect("hostname","username","password","database") or die("Error " . mysqli_error($link));

//query:
$query = mysql_query("SELECT * FROM users WHERE users.email_address = '$email_address' AND users.password = '$password'");

//display information:
$row = mysql_fetch_assoc($query);

if($email_address == $row['email_address'] && $password == $row['Password']){
echo $row['email_address'];
}else{
echo "Invalid login";
}
}
如果$query==NULL{/*handle error*/},请尝试捕获连接/db错误

然后

也就是说,不要使用不推荐的MySQL扩展,而是使用它。此外,如果您打算在任何时候让网站公开,最好使用。有关为什么不应使用简单的散列函数(即使是盐渍函数)对密码进行散列,以及为什么改用a的简要概述,请参见

最后,您的代码可以接受SQL注入。关于如何防范它

作为旁注,有些人避免做SELECT*是因为

架构可能会在稍后的时间点更改 它为您提供可能不需要的列,因此需要额外的传输/处理时间 选择所需的列可以提高代码的清晰度
将查询更改为此,添加DIEU error以检查查询中是否存在任何错误:

$email_address = $_POST['email_address'];
$password = $_POST['password'];

if(login($email_address, $password)){
    $query = mysql_query("SELECT * FROM `users` WHERE `email_address` = '$email_address' AND `password` = '$password'") or die(mysql_error());
    $row = mysql_fetch_assoc($query);
    echo $row['email_address'];
} else {
    echo "Invalid login";
}
查询可能失败,或者可能返回0行。您需要验证$query是否成功,以及是否返回了行。此外,您对SQL注入开放,不应将密码存储为纯文本。它会在哪里引发错误?您确定密码没有散列吗?添加echo mysql\u error;和echo mysql_num_rows$query;$row=mysql\u fetch\u assoc$query之前;Line我建议您查看登录函数中使用的查询,然后对查询进行建模。 
$email_address = $_POST['email_address'];
$password = $_POST['password'];

if(login($email_address, $password)){
    $query = mysql_query("SELECT * FROM `users` WHERE `email_address` = '$email_address' AND `password` = '$password'") or die(mysql_error());
    $row = mysql_fetch_assoc($query);
    echo $row['email_address'];
} else {
    echo "Invalid login";
}