1. 首页
  2. 问答
  3. PHP初学者。试图显示UserId

PHP初学者。试图显示UserId

2013-03-20 60 views
0

我正在访问我的数据库上的PhpMyAdmin,我所有的名字等都是正确的,但由于某种原因用户ID不起作用。有人能指引我朝着正确的方向吗?PHP初学者。试图显示UserId

我试过打印它,但没有显示。

<?php session_start(); 
$username = $_GET['username']; 
$password = $_GET['password']; 


// Create connection 


$con=mysqli_connect("localhost","root","","test"); 

// Check connection 
if (mysqli_connect_errno($con)) 
{ 
echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 



$result = mysqli_query($con,"SELECT * FROM user2 where username='$username' and password='$password'"); 

$row_cnt = mysqli_num_rows($result); 
if($row_cnt >0){ 

while($row = mysqli_fetch_array($result)){ 
$UserId = $row['UserId']; 
} 
$sqlQuery2 = "SELECT ProductID, Name, Price, Description FROM product"; 

echo "Hello ".$username."<br>" .$UserId. "<br> This is a list of products"; 

$result2 = mysqli_query($con,$sqlQuery2); 

echo "<table border='1'> 
<tr> 
<th>ProductID</th> 
<th>Name</th> 
<th>Price</th> 
<th>Description</th> 
<th>View</th> 
</tr>"; 

while($row = mysqli_fetch_array($result2)) 
{ 
echo "<tr>"; 
echo "<td>" . $row['ProductID'] . "</td>"; 
echo "<td>" . $row['Name'] . "</td>"; 
echo "<td>" . $row['Price'] . "</td>"; 
echo "<td>" . $row['Description'] . "</td>"; 
echo "<td><a href=\"detailview.php?ProductID=".$row['ProductID']."\"'>Detailed View</a></td>"; 
echo "</tr>"; 
} 
echo "</table>"; 

mysqli_close($con); 
?> 
<a href="userupdatedetails.php?UserId=<?php echo $UserId ?>">Update My Details</a> 
<?php } else{ 
echo "invalid login "; } 
?>

来源

2013-03-20 user1944305

+0

'UserId'是数据库中的一列吗? – Kermit 2013-03-20 16:25:37

+5

尝试使用'var_dump($ row)'来查看yoe在该变量中的真实含义 – 2013-03-20 16:26:31

+4

您确实需要通过散列来阅读sql注入和安全密码存储。 – jeroen 2013-03-20 16:26:34

回答

0

用var_dump($ VAR),看看有什么是变量

1支票使用它 之前,而检查后,如果$用户ID设置什么是在$结果后检查$用户ID返回(如果条件为假,欧VAR没有设置..),你应该检查$ ROW_COUNT太

你应该缩进代码
这里是你的代码reindented:

<?php session_start(); 
$username = $_GET['username']; 
$password = $_GET['password']; 


// Create connection 


$con=mysqli_connect("localhost","root","","test"); 

// Check connection 
if (mysqli_connect_errno($con)) 
{ 
    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 



$result = mysqli_query($con,"SELECT * FROM user2 where username='$username' and password='$password'"); 

$row_cnt = mysqli_num_rows($result); 
if($row_cnt >0){ 

    while($row = mysqli_fetch_array($result)){ 
     $UserId = $row['UserId']; 
    } 
    $sqlQuery2 = "SELECT ProductID, Name, Price, Description FROM product"; 

    echo "Hello ".$username."<br>" .$UserId. "<br> This is a list of products"; 

    $result2 = mysqli_query($con,$sqlQuery2); 

    echo "<table border='1'> 
    <tr> 
    <th>ProductID</th> 
    <th>Name</th> 
    <th>Price</th> 
    <th>Description</th> 
    <th>View</th> 
    </tr>"; 

    while($row = mysqli_fetch_array($result2)) 
    { 
     echo "<tr>"; 
     echo "<td>" . $row['ProductID'] . "</td>"; 
     echo "<td>" . $row['Name'] . "</td>"; 
     echo "<td>" . $row['Price'] . "</td>"; 
     echo "<td>" . $row['Description'] . "</td>"; 
     echo "<td><a href=\"detailview.php?ProductID=".$row['ProductID']."\"'>Detailed View</a></td>"; 
     echo "</tr>"; 
    } 
    echo "</table>"; 

    mysqli_close($con); 
    ?> 
    <a href="userupdatedetails.php?UserId=<?php echo $UserId ?>">Update My Details</a> 
    <?php 
} 
else 
{ 
    echo "invalid login "; 
} 
?>

来源

2013-03-20 16:41:17 Acuao

+0

它在结束时关闭 user1944305 2013-03-20 16:57:03

+0

啊好吧,对不起程序没有正确缩进的代码,并具有1片多(也许是因为没有回报)...你看到了良好的缩进是必不可少的,而编码....怎么样变种转储? 我编辑了帖子,并给出了缩进代码的核心版本 – Acuao 2013-03-20 17:20:01

相关问题

 相关问题