duanba4254 2018-01-24 04:18
浏览 181
已采纳

在sql查询中使用SESSION变量时尝试获取非对象的属性

So I'm currently coding a system where when they log in, they get a specialized panel for their ranking.

By default they are called User, and the Admins get, well, Admin.

When I am trying to get the verification that they are an Admin.

error_reporting(E_ALL); // i've been trying to find the bugs with this
require_once('db.php'); //using the good ol $conn = new mysqli
session_start();
if(!isset($_SESSION['username']) || empty($_SESSION['username'])){
  header("location: login.php");
  exit;
//to detect if they are logged in or not
}

//here is a failed attempt where I tried to "escape" the $_SESSION variable 
//  which still doesn't work
$username = $conn->real_escape_string($_SESSION['username']);
// I've tried this query with the $_SESSION variable escaped, with it's alias
// etc.
$query1 = "SELECT * FROM `users` WHERE `rank` = Admin AND 
`username`='".$username."'";

// preparing to execute
$result = $conn->query($query1);

// this is where I detect if there is a row, set it to use Admin things 
// which I will code later, for now just var holders.
if ($result->num_rows > 0) {
  $rank = 'Admin';
} else {
  $rank = 'User';
}

I've looked everywhere about property of non-object, but I only find old 2008 posts, which I've tried to implement, but end up not working.

Using XAMPP (apache) with PHP 7

  • 写回答

2条回答 默认 最新

  • dpmpa26468 2018-01-24 04:26
    关注

    You need to correct your SQL

    "SELECT * FROM `users` WHERE `rank` = Admin AND `username`='".$username."'"
    

    to

    "SELECT * FROM `users` WHERE `rank` = 'Admin' AND `username`='".$username."'"
    

    Note: single quote between Admin

    I would suggest, to use below SQL instead, and store the rank value to SESSION directly.

    "SELECT rank FROM `users` WHERE `username`='".$username."'"
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题
  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波
  • ¥15 针对曲面部件的制孔路径规划,大家有什么思路吗
  • ¥15 钢筋实图交点识别,机器视觉代码
  • ¥15 如何在Linux系统中,但是在window系统上idea里面可以正常运行?(相关搜索:jar包)
  • ¥50 400g qsfp 光模块iphy方案
  • ¥15 两块ADC0804用proteus仿真时,出现异常