douban2014 2014-06-14 10:22
浏览 50
已采纳

$ query row not working codeigniter

I am making a user login for my library file. But my user_query->rows are not working, not sure how to fix it been reading user guide.

$this->user_id = $user_query->row('user_id');
$this->username = $user_query->row('username');
$this->CI->session->userdata('user_id') = $user_query->row('user_id');

Fatal error: Can't use method return value in write context in C:\xampp\htdocs\codeigniter-cms\system\libraries\Users.php on line 69

Fatal error: Can't use method return value in write context in C:\xampp\htdocs\codeigniter-cms\system\libraries\Users.php on line 65

public function login() {
$user_query = $this->CI->db->query("SELECT * FROM " . $this->CI->db->dbprefix . "user WHERE username = '" . $this->CI->db->escape($username) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->CI->db->escape($password) . "'))))) OR password = '" . $this->CI->db->escape(md5($password)) . "') AND status = '1'");

if ($user_query->num_rows() == 1) {

$data = array(
'user_id' => $this->user_id,
'username' => $this->username
);

$this->CI->session->set_userdata($data);

$this->user_id = $user_query->row('user_id');
$this->username = $user_query->row('username');

line 65 
$this->CI->session->userdata('user_id') = $user_query->row('user_id');      

// Line 69
$user_group_query = $this->CI->db->query("SELECT permission FROM " . $this->CI->db->dbprefix . "user_group WHERE user_group_id = '" . (int)$user_query->row('user_group_id') . "'");

$permissions = unserialize($user_group_query->row('permission'));

if (is_array($permissions)) {
foreach ($permissions as $key => $value) {
$this->permission[$key] = $value;
}
}

} else {

return false;

}

}

New error I removed password from showing on here

Error Number: 1064

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'admin'' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1(''*****''))))) O' at line 1

SELECT * FROM oc_user WHERE username = ''admin'' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1(''******''))))) OR password = ''***************'') AND status = '1'

Filename: C:\xampp\htdocs\codeigniter-cms\system\database\DB_driver.php

Line Number: 330
  • 写回答

1条回答 默认 最新

  • dow5001 2014-06-14 10:29
    关注

    What are you trying to do with this line:

    $this->CI->session->userdata('user_id') = $user_query->row('user_id');
    

    Are you trying to set a session? In that case, you need to use set_userdata():

    $this->CI->session->set_userdata('user_id', $user_query_>row('user_id');      
    

    Also, I've never seen the usage of row() like you do. I went to [the manua][1]l and saw just this:

    If you want a specific row returned you can submit the row number as a digit in the first parameter.

    No mention of using a string as field name. Maybe you mean:

    $row = $user_query->row();
    echo $row->user_id;
    

    I believe it can be chained, so $user_query->row()->user_id should work.

    Edit after comment

    Use parametrized queries, it's better and avoids those nasty escaping problems:

    $user_query = $this->CI->db->query("SELECT * FROM " . $this->CI->db->dbprefix . "
    user WHERE username = ? 
     AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1(?))))) OR password = ?) 
     AND status = ?", array($username, $password, md5($password), 1));
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 求差集那个函数有问题,有无佬可以解决
  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题