<?php
session_start();
include_once ('connection.php');
if (isset($_POST['login'])){
$uemail = $_POST['email'];
$upassword = $_POST['password'];
}
$query = "SELECT * FROM users WHERE email = $uemail and password = $upassword";
$result = mysqli_query($connection, $query);
if(mysql_num_rows($query) == 1){
$_SESSION['email'] = $email;
header('Location: newfeeds.php');
exit();
}else{
while ($row = mysql_fetch_assoc($result)) {
echo $row["email"];
echo $row["password"];
}
}
?>
我有PHP手册它说停止使用SQL和替换sqli但没有工作。它抛出一个错误。Php登录表格错误行
Connected Successfully Fatal error: Call to undefined function mysql_num_rows() in D:\XAMPP\htdocs\codeinventor\login.php on line 14
更改为mysqli_num_rows()。您的查询不安全或不安全。查看准备好的语句 –
另请参阅http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php?rq=1 – MECU
[您的脚本存在SQL注入攻击的风险。 ](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) –