Warning: file_get_contents(/data/phpspider/zhask/data//catemap/5/sql/71.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php mssql_num_行需要1个参数来配置资源_Php_Sql - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php mssql_num_行需要1个参数来配置资源

Php mssql_num_行需要1个参数来配置资源

php sql

Php mssql_num_行需要1个参数来配置资源,php,sql,Php,Sql,这是我的密码: $link=mssql_connect($server, 'username','password'); if (!$link) { die('Something went wrong while connecting to the mssql database, it could be offline! ' . mssql_get_last_message()); }

这是我的密码:

$link=mssql_connect($server, 'username','password');
if (!$link) {
die('Something went wrong while connecting to the mssql database, it could be offline! ' . mssql_get_last_message());
                                        }
                                        mssql_select_db('GunzDB', $link);
                                        $result="SELECT * FROM Account WHERE UserID = '$username'";

                                        if(mssql_num_rows($result) > 0){
                                            echo "That username is already in use!";    
                                    } else{
                                        $result="SELECT * FROM Account WHERE Email = '$email'";

                                        if(mssql_num_rows($result) > 0){
                                            echo "That email is already in use!";
                                        } else{

                                            $query="INSERT INTO Account (UserID, UGradeID, PGradeID, RegDate, Name, Email) VALUES ('" . $username . "','0','0','00:00','" . $name . "','" . $email . "')";
                                            if($query){
                                            $result="SELECT * FROM Account WHERE UserID = '$username'";

                                            $row = mssql_fetch_array($result);
                                            $AID=$row['AID'];
                                            $query="INSERT INTO Login (AID, Password) VALUES ('" . $AID . "','" . $password . "')";
                                            if($query){
                                            echo "<span style='color: lime'>Your account has been successfully created!</span>";
                                            } else{
                                                echo "error with MSSQL: " . mssql_get_last_message();
                                            }
                                            } else{
                                             echo "error with MSSQL: " . mssql_get_last_message();  
                                            }
我能得到一些帮助吗?

您没有发送查询以获得结果

$result = mssql_query("SELECT ... ");
您还容易受到SQL注入的攻击。阅读使用绑定参数和准备好的语句

$result = mssql_query("SELECT ... ");