dpglo66848 2012-11-01 16:22
浏览 30
已采纳

login.php sql数据库

I am getting this error when my login.php file loads.. 'Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource' Heres what i have..

$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
    $dbusername = $row['username'];
    $dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
    echo "Youre in!";
}
else
    echo "Incorrect Password!";
}
else
    die("That user doesnt exist!");
}
else
die("Please enter a username and a password!");
?>
  • 写回答

2条回答 默认 最新

  • dqn8235 2012-11-01 16:31
    关注

    You missed some curly brackets:

    $query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
    while ($row = mysql_fetch_assoc($query))
    {
        $dbusername = $row['username'];
        $dbpassword = $row['password'];
    }
    if ($username==$dbusername&&$password==$dbpassword)
    {
        echo "Youre in!";
    }
    else
        echo "Incorrect Password!";
    }
} else // <- THIS ONE
    die("That user doesnt exist!");
}
// And here another, in a if condition that isn't started in the code you give.
else
die("Please enter a username and a password!");
?>

    The server could be configured that if an error shows up, the page is left blank.

    Some other tips for mySQL login: Never ever put an user input directly in a MySQL query statement! It is then very easy to hack your site by means of SQL injection.

    For more details: http://www.derby-web-design-agency.co.uk/blog-post/how-to-create-a-secure-login-system-in-php-part-1/12/

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料