Php 如何获取数据库中特定行的相应用户id(自动增量)值?
我的表有两列,用户id和用户名。用户使用如下用户名登录:Php 如何获取数据库中特定行的相应用户id(自动增量)值?,php,mysql,Php,Mysql,我的表有两列,用户id和用户名。用户使用如下用户名登录: <?php require('dbConnect.php'); $username = $_POST['username']; //need to keep this in a session, for other pages later on session_start(); $_SESSION['username'] = $username; $sql = "SELECT * FROM user WHERE us
<?php
require('dbConnect.php');
$username = $_POST['username'];
//need to keep this in a session, for other pages later on
session_start();
$_SESSION['username'] = $username;
$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);
$check = mysqli_fetch_array($result);
if(isset($check)) :
//if the username exists in the database, then show a html submit button
$con->close();
?>
<html>
<body>
<form action="UserDetails.php" method="post">
<input type="submit">
</form>
</html>
<?php else :{
//if user is not in db, show this message
echo 'Sorry about that, you can't come in.';
}
$con->close();
?>
<?php endif; ?>
这些行后面的:
$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];
添加以下行:
$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];
isset($check)
此时不保存,最好检查$check的值,然后在之后检查{}
,否则不需要并且它将不起作用 这个(isset($check))
似乎给我带来了麻烦,有时返回用户id
,有时不返回
在很大程度上要感谢纳比尔的回答,这个想法对我起了作用。还要感谢Solrac Ragnarockradio让我走上正轨,通过mysqli\u real\u escape\u字符串使我的代码更加安全:
<?php
require('dbConnect.php');
$username = mysqli_real_escape_string($con,$_POST['username']);
$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];
//give me the corresponding user_id of the logged in user
echo $user_id;
if (mysqli_num_rows($result)==0) {
echo "Failed, sorry";
}
if (mysqli_num_rows($result) > 0) {
echo "User id exists already.";
}
$con->close();
?>
这里有几个问题:
1) 如果您使用的是“从username=$1的用户中选择*”,则username列应该是唯一的,并且永远不要忘记转义您的输入:
<?php
$username = mysqli_real_escape_string($con, $_POST['username']);
$sql_query = mysqli_query($con,"SELECT * FROM user WHERE username = '$username'");
然后,如果$\u SESSION['user\u id']
实际存在,您可以为登录用户输出任何您想要的内容
<html>
<body>
<form action="UserDetails.php" method="post">
<input type="submit">
</form>
</body>
<?php
echo 'Well, here\'s the output: <b>'. (isset($_SESSION['user_id']) ? $_SESSION['username'] : $error).'</b>';
你是说你想访问UserDetails.php页面上的user\u id
,对吗?从你选择的结果集中获取它如果你想在其他页面上使用$user\u id,也可以使用Sessions。谢谢,但它只处理我数据库中的重复项,而不是单个条目。例如,user\u id=1,username=Bill;
在我回显时不给我任何信息$user\u id
但如果我有重复项,比如user\u id=1,username=Bill;user\u id=2,username=Bill
,当我回显$user\u id
时,我得到了1
。有什么想法吗?对于mysql\u real\u escape\u字符串提示,我现在已经做了。但是使用mysqli。