1

この行である23行目でエラーが発生しています:

if (mysql_num_rows($result) > 0) {

以下の私のコードを見て、私が見逃したものを見ることができますか?

<?php
// Include database connection and select database UFPProducts
     include "../shopdb/connection.php";
?>
<?php
//
session_start();
// (2) Collect data from form and save in variables

$username=$_POST['username'];
$password=$_POST['password']; 

// (3) Create query of the form below to search the user table
//   "SELECT * FROM Users WHERE UserName='$username' AND  Password='$password'"

"SELECT * FROM USERS where Username='$username' AND Password='$password'"

// (3) Run query through connection

// (4) Check result of query using code below

// if rows found set authenticated user to the user name entered 
if (mysql_num_rows($result) > 0) { 
$_SESSION["authenticatedUser"] = $username;
// Relocate to the logged-in page
header("Location: loggedon.php");
} 
else
// login failed redirect back to login page with error message
{
$_SESSION["message"] = "Could not connect as $username " ;
header("Location: login.php");
}
?>

お時間とご協力ありがとうございました

4

2 に答える 2

0 
"SELECT * FROM USERS where Username='$username' AND Password='$password'";

最後にセミコロンを入れて試してください

于 2012-11-16T23:26:43.530 に答える
0

このコードを使用すると、SQL インジェクションによってサイトがハッキングされる可能性を最小限に抑えることができます。

<?php
// Include database connection and select database UFPProducts
     include "../shopdb/connection.php";
?>
<?php
//
session_start();
// (2) Collect data from form and save in variables

$username=mysql_real_escape_string(htmlentities($_POST['username']));
$password=mysql_real_escape_string(htmlentities($_POST['password']));

// (3) Create query of the form below to search the user table
//   "SELECT * FROM Users WHERE UserName='$username' AND  Password='$password'"

$query = "SELECT * FROM USERS where Username='$username' AND Password='$password'";
$result = mysql_query($query) or die (mysql_error()); 

// (3) Run query through connection

// (4) Check result of query using code below

// if rows found set authenticated user to the user name entered 
if (mysql_num_rows($result) > 0) { 
$_SESSION["authenticatedUser"] = $username;
// Relocate to the logged-in page
header("Location: loggedon.php");
} 
else
// login failed redirect back to login page with error message
{
$_SESSION["message"] = "Could not connect as $username " ;
header("Location: login.php");
}
?>
于 2012-11-16T23:34:50.420 に答える