$var无法通过php mysql脚本运行
我不明白为什么第二个mysql外观不起作用。 从这里我可以看出,在emp_列表中,密码为“$pw”,用户名为“$un”限制1”代码>在第二行,$pw或$un中没有值,事实上,我无法回显任何$var无法通过php mysql脚本运行,php,mysql,Php,Mysql,我不明白为什么第二个mysql外观不起作用。 从这里我可以看出,在emp_列表中,密码为“$pw”,用户名为“$un”限制1”在第二行,$pw或$un中没有值,事实上,我无法回显任何 $un = $_POST['username']; $pw = $_POST['password']; $store = $_POST['store']; $pw = md5($pw); $ipaddress = $ipaddress; 从一开始或从第一个循环$nip开始,我做错了什么 <?
$un = $_POST['username'];
$pw = $_POST['password'];
$store = $_POST['store'];
$pw = md5($pw);
$ipaddress = $ipaddress;
从一开始或从第一个循环$nip开始,我做错了什么
<?php
$ipaddress = '';
if (isset($_SERVER['HTTP_CLIENT_IP']))
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_X_FORWARDED']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED'];
else if(isset($_SERVER['HTTP_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_FORWARDED']))
$ipaddress = $_SERVER['HTTP_FORWARDED'];
else if(isset($_SERVER['REMOTE_ADDR']))
$ipaddress = $_SERVER['REMOTE_ADDR'];
else {
$ipaddress = 'UNKNOWN';
}
$servername = "localhost";
$username = "******";
$password = "**********";
$dbname = "************";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
$connb = new mysqli($servername, $username, $password, $dbname, true);
// Check connection
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
$un = $_POST['username'];
$pw = $_POST['password'];
$store = $_POST['store'];
$pw = md5($pw);
$ipaddress = $ipaddress;
$sql = "SELECT * FROM acclst WHERE s = '$ipaddress' LIMIT 1 ";
$result = $conn->query($sql);
if ($result->num_rows > 0)
{
// There is an ipaddress and it is approved
while($row = $result->fetch_assoc())
{
echo 'welcome ';
echo $nip = $row['s'];
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
// this does not echo
echo $store;
$sqlb = "SELECT * FROM emp_list WHERE `username` = '$un' AND password = '$pw' LIMIT 1 ";
$resultb = $connb->query($sqlb);
if ($result->num_rows > 0) {
// There is an ipaddress and it is approved
while($rowb = $result->fetch_assoc()) {
// none of this echo's
echo $pw;
echo 'welcome ';
echo $rowb['namel'];
}
}
}
}
else
{
// There is no ip address and you do not have access.
echo "0 results";
}
?>
我不确定是否理解您的问题,但请尝试以下方法:
$sqlb = "SELECT * FROM emp_list WHERE password = " . $pw . " AND username = " . $un . " LIMIT 1 ";
这是我发现的。现在它工作得很好
// Create connection
$conn = new mysqli($servername, $username, $dbpassword, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$un = $_POST['username'];
$pw = $_POST['password'];
$store = $_POST['store'];
// $pw = password_hash('donavons', PASSWORD_DEFAULT);
$ipaddress = $ipaddress;
$sql = "SELECT * FROM acclst WHERE s = '$ipaddress' LIMIT 1 ";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// There is an ipaddress and it is approved
while($row = $result->fetch_assoc()) {
echo '<pre>IP Address Verified.' . $row['s'] . '</pre>';
$sqlb = "SELECT * FROM emp_list WHERE username = '$un' LIMIT 1 ";
$result = $conn->query($sqlb);
if ($result->num_rows > 0) {
// There is an ipaddress and it is approved
while($rowb = $result->fetch_assoc()) {
$hash = $rowb['password'];
if (password_verify($pw, $hash))
{
//创建连接
$conn=newmysqli($servername、$username、$dbpassword、$dbname);
//检查连接
如果($conn->connect\u错误){
die(“连接失败:”.$conn->connect\U错误);
}
$un=$_POST['username'];
$pw=$_POST['password'];
$store=$_POST['store'];
//$pw=密码\u散列('donavons',密码\u默认值);
$ipaddress=$ipaddress;
$sql=“从acclst中选择*,其中s=”$ipaddress“限制1”;
$result=$conn->query($sql);
如果($result->num_rows>0){
//有一个IP地址,它已被批准
而($row=$result->fetch_assoc()){
回显“IP地址已验证”。$row['s'].';
$sqlb=“从emp_列表中选择*,其中用户名=“$un”限制1”;
$result=$conn->query($sqlb);
如果($result->num_rows>0){
//有一个IP地址,它已被批准
而($rowb=$result->fetch_assoc()){
$hash=$rowb['password'];
if(密码验证($pw,$hash))
{
你不需要两个mysql连接,你不应该用md5散列密码。你无缘无故地运行同一个代码块两次。你的sql中有一个未关闭的`at`用户名。print\r($\u POST)
?mysqli::error
在哪里检查?sql转义?列名引用(注意:保留字)?也不要存储普通密码或md5密码;使用PassSwarm\u hash/\u verify等。“我为什么不使用md5?”因为MD5对于密码散列非常不安全。它本质上并不比将密码存储为纯文本好。PHP提供password\u散列
和password\u验证
函数是有原因的。这里的$dbhb
是什么?die(“连接失败:.$dbhb->connect\u错误”)
非常确定这应该是$conn->connect_error
没有更改。它不会出错或出现任何错误。它将显示的唯一内容是echo'welcome';echo$nip=$row['s'];@kkj您没有解释为什么愚蠢的连接更改和由此产生的SQL语法错误可能会有帮助。以下是我得到的信息。致命错误:调用未定义的函数uery()在第170行的/home1/donavons/public_html/fuel_tickets/txt/log_user_in.php中,您的预期输出是什么?您的实际输出是什么?log_user_in.php似乎与您发布的文件不同?