Fatal编程技术网
  • php/
  • Php 如何获取数据库中特定行的相应用户id(自动增量)值?

Php 如何获取数据库中特定行的相应用户id(自动增量)值?

php mysql

Php 如何获取数据库中特定行的相应用户id(自动增量)值?,php,mysql,Php,Mysql,我的表有两列,用户id和用户名。用户使用如下用户名登录: <?php require('dbConnect.php'); $username = $_POST['username']; //need to keep this in a session, for other pages later on session_start(); $_SESSION['username'] = $username; $sql = "SELECT * FROM user WHERE us

我的表有两列,用户id和用户名。用户使用如下用户名登录:

<?php

require('dbConnect.php');

$username = $_POST['username'];

//need to keep this in a session, for other pages later on
session_start();
    $_SESSION['username'] = $username;

$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);

$check = mysqli_fetch_array($result);

if(isset($check)) :

//if the username exists in the database, then show a html submit button
$con->close();
?>
     <html>
<body>
<form action="UserDetails.php" method="post">
 <input type="submit">
</form>
     </html>

<?php  else :{
    //if user is not in db, show this message
         echo 'Sorry about that, you can't come in.';
     }
     $con->close();
 ?>
 <?php endif; ?>
这些行后面的


$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);    



$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];


添加以下行:


$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);    



$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];



isset($check)
此时不保存,最好检查$check的值,然后在
之后检查
{}
,否则不需要
并且它将不起作用
 这个
(isset($check))
似乎给我带来了麻烦,有时返回
用户id
,有时不返回

在很大程度上要感谢纳比尔的回答,这个想法对我起了作用。还要感谢Solrac Ragnarockradio让我走上正轨,通过mysqli\u real\u escape\u字符串使我的代码更加安全:


<?php
require('dbConnect.php');

$username = mysqli_real_escape_string($con,$_POST['username']);

$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);

$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];

//give me the corresponding user_id of the logged in user
echo $user_id;

if (mysqli_num_rows($result)==0) {
    echo "Failed, sorry";
}

if (mysqli_num_rows($result) > 0) {
    echo "User id exists already.";

    }

$con->close();
?>



这里有几个问题:

1) 如果您使用的是
“从username=$1的用户中选择*”,则username列应该是唯一的,并且永远不要忘记转义您的输入:


<?php
$username = mysqli_real_escape_string($con, $_POST['username']);
$sql_query = mysqli_query($con,"SELECT * FROM user WHERE username = '$username'");


然后,如果
$\u SESSION['user\u id']
实际存在,您可以为登录用户输出任何您想要的内容


<html>
 <body>
  <form action="UserDetails.php" method="post">
  <input type="submit">
  </form>
</body>

<?php
 echo 'Well, here\'s the output: <b>'. (isset($_SESSION['user_id']) ? $_SESSION['username'] : $error).'</b>';





你是说你想访问UserDetails.php页面上的
user\u id
,对吗?从你选择的结果集中获取它如果你想在其他页面上使用$user\u id,也可以使用Sessions。谢谢,但它只处理我数据库中的重复项,而不是单个条目。例如,
user\u id=1,username=Bill;
在我回显时不给我任何信息
$user\u id
但如果我有重复项,比如
user\u id=1,username=Bill;user\u id=2,username=Bill
,当我回显
$user\u id
时,我得到了
1
。有什么想法吗?对于mysql\u real\u escape\u字符串提示,我现在已经做了。但是使用mysqli。