Php 获取错误警告:mysqli::query():无法';t在我的代码中获取mysqli
获取错误警告:mysqli::query():无法在中获取mysqliPhp 获取错误警告:mysqli::query():无法';t在我的代码中获取mysqli,php,mysqli,Php,Mysqli,获取错误警告:mysqli::query():无法在中获取mysqli <?php include 'includes/config.php'; include 'includes/database.php'; ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); if (isset($_POST['s
<?php
include 'includes/config.php';
include 'includes/database.php';
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if (isset($_POST['sign'])) {
$name=$_POST['email'];
$pass=$_POST['password'];
$query_two="SELECT * FROM admin WHERE user='$name' AND password='$pass' ";
$runn=$db->query($query_two);
$row_login=$runn->fetch_assoc();
if ($row_login['user']==$name && $row_login['password']==$pass) {
session_start();
$_SESSION["username"] = $name;
header('Location: adminpane.php');
exit();
}
else {
echo "<script>
check();
</script>
";
exit();
}
}
?>
将某物用作:
<?php
session_start();
include 'includes/config.php';
include 'includes/database.php';
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if (isset($_POST['sign'])) {
$name = mysqli_real_escape_string($db,$_POST['email']);
$pass = mysqli_real_escape_string($db,$_POST['password']);
$query_two = "SELECT * FROM admin WHERE user='$name' AND password='$pass'";
$runn = mysqli_query($db,$query_two);
$row_login = mysqli_fetch_assoc($runn);
if ($row_login['user']==$name && $row_login['password']==$pass) {
$_SESSION["username"] = $name;
header('Location: adminpane.php');
exit();
} else {
echo "<script>check();</script>";
exit();
}
}
?>
没有一个调用mysqli::query()
,因此至少缺少一些相关代码。顺便说一句,你很容易受到SQL注入的攻击…我已经添加了代码,请再次检查!!既然您已经发布了数据库连接详细信息(用户名、密码),请立即更改它们。否则,您的数据库中很快就会有一些访问者。
<?php
define('DB_HOST', 'xxx.xxx.xxx.xxx');
define('DB_USERNAME', 'XXX');
define('DB_PASSWORD', 'XXX');
define('DB_NAME', 'myDB');
?>
<?php
session_start();
include 'includes/config.php';
include 'includes/database.php';
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if (isset($_POST['sign'])) {
$name = mysqli_real_escape_string($db,$_POST['email']);
$pass = mysqli_real_escape_string($db,$_POST['password']);
$query_two = "SELECT * FROM admin WHERE user='$name' AND password='$pass'";
$runn = mysqli_query($db,$query_two);
$row_login = mysqli_fetch_assoc($runn);
if ($row_login['user']==$name && $row_login['password']==$pass) {
$_SESSION["username"] = $name;
header('Location: adminpane.php');
exit();
} else {
echo "<script>check();</script>";
exit();
}
}
?>