Fatal编程技术网
  • php/
  • Php在管理员登录页面中“无法执行选择查询”

Php在管理员登录页面中“无法执行选择查询”

php

Php在管理员登录页面中“无法执行选择查询”,php,Php,大家好,我是php新手,所以请温柔一点。我有管理员登录页面。当我尝试登录其get executed但显示消息无法执行select查询时。请告诉我这里的错误在哪里。下面是代码 <?php require_once("config.php"); $err = array(); foreach($_GET as $key => $value) { $get[$key] = filter($value); //get variables are filtered. }

大家好,我是php新手,所以请温柔一点。我有管理员登录页面。当我尝试登录其get executed但显示消息无法执行select查询时。请告诉我这里的错误在哪里。下面是代码

    <?php
require_once("config.php");
$err = array();
 foreach($_GET as $key => $value) {
$get[$key] = filter($value); //get variables are filtered.
     }

  if ($_POST['doLogin']=='Sign In') {
foreach($_POST as $key => $value) {
    $data[$key] = filter($value); // post variables are filtered
   }
$user_name = $data['adminuser'];
$pass = $data['adminpass'];
if($user_name != "" && $pass != ""){
    $query = sprintf("SELECT id, username, password, status FROM user WHERE username = '%s'", mysql_real_escape_string($user_name));
    $sql = mysql_query($query) or die("Couldn't Execute the select query");

    $num = mysql_num_rows($sql);
    // Match row found with more than 1 results  - the user is authenticated. 
    if ( $num > 0 ) { 
        list($id,$username,$pwd,$status) = mysql_fetch_row($sql);
        if(!$status) {
            //check against salt
            if ($pwd === PwdHash($pass,substr($pwd,0,9))) { 
                if(empty($err)){            
                    // this sets session and logs user in  
                    //session_start();
                    //session_regenerate_id (true); //prevent against session fixation attacks.
                    // this sets variables in the session 
                    $_SESSION['user_id']= $id;  
                    $_SESSION['user_name'] = $username;
                    $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
                    //update the timestamp and key for cookie
                    $stamp = time();
                    $ckey = GenKey();
                    mysql_query("update user set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());
                    //set a cookie 

                    if(isset($_POST['rememberme'])){
                        setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");
                        setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");
                        setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");
                    }
                    header("Location:career.php");
                }
            } else {
                //$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
                $err[] = "Invalid Login. Please try again with correct user name and password.";
                //header("Location: login.php?msg=$msg");
            }
        } else {
            $err[] = "Account not activated. Please check with Admin";
        }
    } else {
        $err[] = "Error - Invalid login. No such user exists";
    }       
} else {
    $err[] = "Error - All fields are required";
}
 }
   ?>

当您无法执行查询时,mysql\u错误会返回什么?您应该按照上面的Barmar状态和使用或diemysql\u错误来代替或执行select查询。另外,在打开文件后,将错误报告添加到文件的顶部,还应添加退出;在headerLocation之后:career.php$query=sprintfSELECT id、用户名、密码、用户名为“%s”的用户状态、mysql\u real\u escape\u字符串$user\u name;请原谅我指出,您在where子句中请求1个变量,但返回2。如果我可以问的话,'%s'是什么?然后将SELECT id更改为SELECT u_id@Zain