Php mysqli\u real\u用$\u转义POST:error
我是PHP初学者,在做登录项目时发现mysqli\u real\u escape参数$\u POST有问题Php mysqli\u real\u用$\u转义POST:error,php,mysql,Php,Mysql,我是PHP初学者,在做登录项目时发现mysqli\u real\u escape参数$\u POST有问题 错误:未定义索引,所以您认为它可能是重复的主题,但在本例中,它位于mysqli_real_转义函数中 所以我用isset修复了这个错误,但它仍然有错误:语法错误,意外的“if”(T_if) 这是我的密码 session_start(); $con = mysqli_connect("localhost","root","", "test2"); $sql = "SELECT * FRO
错误:未定义索引,所以您认为它可能是重复的主题,但在本例中,它位于mysqli_real_转义函数中 所以我用isset修复了这个错误,但它仍然有错误:语法错误,意外的“if”(T_if) 这是我的密码
session_start();
$con = mysqli_connect("localhost","root","", "test2");
$sql = "SELECT * FROM member WHERE Username = '".mysqli_real_escape_string($con, $_POST['username'])."'
AND Password = '".mysqli_real_escape_string($con, $_POST['password'])."'";
$query = mysqli_query($con, $sql);
mysqli_real_escape_string($con, if(isset($_POST['password'])) $_POST['password'])
<form name="form1" method="post" action="login.php">
<b>Login</b><br><br>
<table border="1" style="width: 300px">
<tr>
<td> Username</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td> Password</td>
<td><input type="password" name="password"></td>
</tr>
</table>
<br>
<input type="submit" name="Submit" value="Login">
<a href="regispage.php"> Register </a>
登录
用户名
密码
您应该在之前使用此选项
$ con = .....
$username = $password = '';
if (isset($_POST['password'])) {
$password = mysqli_real_escape_stringw($con, $_POST['password']);
}
if (isset($_POST['username'])) {
$username = mysqli_real_escape_string($con, $_POST['username'])
}
$sql = "SELECT * FROM member WHERE Username = '".$username"' AND Password = '".$password."'";
这是一个更干净的代码,并提供了更好的可读性。请检查您的查询
$username = $password = ''; // To escape the undefined variable/index error
// Or you can simply use at the beginning, error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING); to suppress notice and warning type error
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$sql = "SELECT * FROM member WHERE Username = '{$username}' AND Password = '{$password}'";
希望它能起作用。还有一件事,请使用加密密码进行良好的实践。
mysqli\u real\u escape\u string($con,if(isset($\u POST['password']))$\u POST['password'])mysqli_real_escape_string($con,!empty($_POST['password'])?$_POST['password']:“”)非常感谢您!:)这仍然会给您一个未定义的索引错误($code>$username=mysqli\u real\u escape\u string($con,$\u POST['username'))如果用户名
尚未发布。。。除非您设置了危险且现已失效的register\u globals
。请使用此错误报告(E\u ALL ^E\u NOTICE ^E\u WARNING);取消显示通知和警告类型错误的步骤