dsfdsf23423 2014-03-18 18:29
浏览 53

php中的网上银行代码[关闭]

$result = mysql_query("SELECT * FROM customers WHERE loginid= $_POST['loginid'] AND accpassword= $_POST['accpassword']");

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\wamp\www\index.php on line 6

  • 写回答

2条回答 默认 最新

  • douweng7308 2014-03-18 18:31
    关注

    Basic PHP syntax: You cannot use quoted array keys within a "-quoted string:

    $value = "$array['key']"; // bad
$value = "$array[key]"; // ok
$value = "{$array['key']}"; //ok, alternate syntax

    You are also vulnerable to SQL injection attacks. This is EXTRAORDINARLY bad since you say this is for online banking code...

    评论

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度