PHP根据输入从数据库回显所有数据
我想了解如何基于单个键从数据库输出数据,例如,我的数据库列是: kodeDosen(PrimaryKey)、namaDosen、电子邮件、telepon、密码 而我的登录界面用户只能输入kodeDosen和密码,我想显示其他数据的exept密码,这是我的注册php:PHP根据输入从数据库回显所有数据,php,arrays,database,Php,Arrays,Database,我想了解如何基于单个键从数据库输出数据,例如,我的数据库列是: kodeDosen(PrimaryKey)、namaDosen、电子邮件、telepon、密码 而我的登录界面用户只能输入kodeDosen和密码,我想显示其他数据的exept密码,这是我的注册php: <?php include 'connectdb.php'; $data = json_decode(file_get_contents('php://input'), true); $kodeD
<?php
include 'connectdb.php';
$data = json_decode(file_get_contents('php://input'), true);
$kodeDosen =$data["kodeDosen"];
$namaDosen = $data["namaDosen"];
$email = $data["email"];
$telepon = $data["telepon"];
$password= $data["password"];
$message = array("message"=>"Success");
$failure = array("message"=>"Failure,kodeDosen already used");
$sql = "INSERT INTO tbl_dosen (kodeDosen, namaDosen, email, telepon, password) VALUES ('$kodeDosen', '$namaDosen', '$email', '$telepon','$password')";
if (mysqli_query($conn, $sql)) {
echo json_encode($message);
} else {
echo json_encode($failure) ;
}
?>
您可以在login.php中的sql SELECT语句中进行更改
$sql = "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen ='$kodeDosen' and password = '$password'";
在SELECT*中,表示返回所有列。我想您需要echo json\u encode($row)而不是echo json_encode($message)
试试看:
<?php
include 'connectdb.php';
$data = json_decode(file_get_contents('php://input'), true);
$kodeDosen =$data["kodeDosen"];
$password = $data["password"];
$message = array("message"=>"Data found");
$failure = array("mesage"=>"Data not found");
if ($stmt = mysqli_prepare($conn, "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen =? and password = ?")) {
/* bind parameters for markers */
mysqli_stmt_bind_param($stmt, "ss", $kodeDosen,$password);
/* execute query */
mysqli_stmt_execute($stmt);
/* store result */
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc( $result );
if(mysqli_num_rows($result) > 0) {
echo json_encode($row);
}else {
echo json_encode($failure);
}
}
?>
由于SQL注入,直接在SQL查询中插入变量不是一个好主意
我建议对这两个问题都使用事先准备好的陈述。要使用准备好的语句从db中提取结果,如下所示:
OOP风格:
$stmt = $db->prepare("SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen = ? and password = ?");
$stmt->bind_param('ss', $kodeDosen, $password);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
//result is in row
var_dump($row);
}
程序风格:
$stmt = mysqli_prepare($conn, "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen = ? and password = ?");
mysqli_stmt_bind_param($stmt, 'ss', $kodeDosen, $password);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
while ($row = $result->fetch_assoc()) {
//result is in row
var_dump($row);
}
请解释您到底想要什么?我编辑了登录php,以便它使用预先准备好的语句,那么如何使它工作呢?得到了这个错误
警告:mysqli_fetch_assoc()期望参数1是mysqli_result,布尔值在第22行的C:\xampp\htdocs\test\DosenPublikasi\registerDosen.php中给出
警告:mysqli_num_rows()参数1应为mysqli_result,布尔值在第24行的C:\xampp\htdocs\test\DosenPublikasi\registerDosen.php中给出
$stmt = mysqli_prepare($conn, "SELECT kodeDosen, namaDosen, email, telepon FROM tbl_dosen WHERE kodeDosen = ? and password = ?");
mysqli_stmt_bind_param($stmt, 'ss', $kodeDosen, $password);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
while ($row = $result->fetch_assoc()) {
//result is in row
var_dump($row);
}