Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/266.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
PHP MySQL列无效_Php_Mysql_Mysql Error 1054 - Fatal编程技术网
Fatal编程技术网
  • php/
  • PHP MySQL列无效

PHP MySQL列无效

php mysql

PHP MySQL列无效,php,mysql,mysql-error-1054,Php,Mysql,Mysql Error 1054,在过去的四天里,我一直在努力让它工作。它只是一个简单的登录页面,并没有存储敏感信息,但我在PHP方面遇到了问题 if ($_SERVER['REQUEST_METHOD'] == 'POST') { $uname = $_POST["login"]; $pword = $_POST["pass"]; $uname = htmlspecialchars($uname); $pword = htmlspecialchars($pword); $user_nam

在过去的四天里,我一直在努力让它工作。它只是一个简单的登录页面,并没有存储敏感信息,但我在PHP方面遇到了问题

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $uname = $_POST["login"];
    $pword = $_POST["pass"];
    $uname = htmlspecialchars($uname);
    $pword = htmlspecialchars($pword);
    $user_name = "bradf294_access";
    $password = "********";
    $database = "bradf294_clients";
    $server = "localhost";
    $db_handle = mysql_connect($server, $user_name, $password);
    $db_found = mysql_select_db($database, $db_handle);
    print(mysql_errno());
    print($db_found);
    if(isset($db_found)){
        print($db_found."Success");
        $SQL = "SELECT * FROM basicinfo WHERE ref = $uname AND pass = $pword";
        $result = mysql_query($SQL);
        print("Query made");
        print(mysql_errno());
        if ($result) {
            print("result:".$result);
        }
        else {
            print("Incorrect Login Details");
        }
        if ($result > 0) {
            print("found user");
            $errorMessage= "logged on ";
            session_start();
            $_SESSION['login'] = "1";
            header ("Location: progressuser.php");
        }
        else {
            print("Invalid Logon");
        }
    } else {
        print("Database not found. The Webmaster has been notified. Please try again   later");
        $subject = "Automated login error" ;
        $message = "An error occured whilst trying to connect to the MySQL database, to login to the progress checker" ;
        mail("a-bradfield@bradfieldandbentley.co.uk", $subject, $message);
    }
从我用来调试的页面上的输出来看,似乎是那些行不起作用,它们给出了一个1054错误-“未知列“%s”在“%s”中”

即使我将
$SQL
字符串复制并粘贴到phpMyAdmin中,并且它工作得很好

有没有什么明显的迹象表明我做错了?转到并输入详细信息参考:
TST001
并传递:
dnatbtr121
以查看自己的输出。

您的WHERE条件中的值是否应该像在普通MySQL语句中一样不被引号括起来?对此外,您还将得到一系列关于SQL注入的评论。

您需要引用以下变量:

$SQL = "SELECT * FROM basicinfo WHERE ref = '$uname' AND pass = '$pword'";
但是

mysql\u*
函数已被弃用-您应该考虑改为使用
PDO
mysqli\u*
。这两种方法都可以让您更容易地编写安全代码,并为您解决报价问题。

能否显示table basicinfo?您的PHP大括号不平衡。确保你的代码样本在语法上是正确的是很重要的!谢谢,你能推荐一些资源吗?php.net上有很多信息——PDO页面在,mysqli快速入门指南在thankyou,是的,我意识到它根本不安全!我还不打算在数据库上存储任何有价值的信息! 
$SQL = "SELECT * FROM basicinfo WHERE ref = '$uname' AND pass = '$pword'";