douzhang6496 2015-11-27 13:34
浏览 318
已采纳

mysqli_real_escape_string()返回空字符串

anyone have this solution??i am having this problem from this evening after sudden blue screen error. I was using this simple code to implement session in project something worked but after that mysterious restart this thing is acting weird!!!!

This code is supposed to work!!!!

UPDATE: Took care of some minor mistakes and its fully operational now :)

    <?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
    if (empty($_POST['username']) || empty($_POST['password'])) {
        $error = "Username or Password is invalid";
        }
        else
        {
            // Define $username and $password
            $username=$_POST['username'];
            $password=$_POST['password'];
            // Establishing Connection with Server by passing server_name, user_id and password as a parameter
            $connection = mysqli_connect("localhost", "root", "root","company");// Selecting Database
            if (!$connection) {
                die("Connection failed: " . mysqli_connect_error());
                }
                // To protect MySQL injection for Security purpose
                //$username = stripslashes($username);
                //$password = stripslashes($password);

                $username = mysqli_real_escape_string($connection,$username);
                $password = mysqli_real_escape_string($connection,$password);



                // SQL query to fetch information of registerd users and finds user match.
                $query = "select * from login where password='$password' AND username='$username'";  

                //$query = "select * from login where password='".$password."' AND username='".$username."'";



                $result=mysqli_query($connection,$query);
                $rows = mysqli_num_rows($result);


                if ($rows == 1) {
                    $_SESSION['login_user']=$username; // Initializing Session
                    header("location: profile.php"); // Redirecting To Other Page
                    }
                    else {
                        $error = "Username or Password Invalid";
                        }
                        mysqli_close($connection); // Closing Connection
                        }
                        }
?>

Output image(before editing) -

Output Image

  • 写回答

3条回答 默认 最新

  • dscuu86620 2015-11-27 13:39
    关注

    mysqli_real_escape_string($username) is missing a required parameter

    The usage of mysqli_real_escape_string() function is following:

    $con=mysqli_connect("localhost","my_user","my_password","my_db");
    
    // Check connection
    if (mysqli_connect_errno()) {
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }
    
    // escape variables for security
    $firstname = mysqli_real_escape_string($con, $_POST['firstname']);
    $lastname = mysqli_real_escape_string($con, $_POST['lastname']);
    $age = mysqli_real_escape_string($con, $_POST['age']);
    

    You have to add a $connection (your connection variable). So that it becomes: mysqli_real_escape_string($connection, $username)

    http://www.w3schools.com/php/func_mysqli_real_escape_string.asp

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 求差集那个函数有问题,有无佬可以解决
  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题