Php登录表格错误行

Question

<?php 
session_start(); 
include_once ('connection.php'); 

if (isset($_POST['login'])){ 
    $uemail = $_POST['email']; 
    $upassword = $_POST['password']; 
} 

    $query = "SELECT * FROM users WHERE email = $uemail and password = $upassword"; 
    $result = mysqli_query($connection, $query); 


    if(mysql_num_rows($query) == 1){ 
     $_SESSION['email'] = $email; 
     header('Location: newfeeds.php'); 
     exit(); 

     }else{ 
     while ($row = mysql_fetch_assoc($result)) { 
     echo $row["email"]; 
     echo $row["password"]; 
     } 
    } 
    ?> 

我有PHP手册它说停止使用SQL和替换sqli但没有工作。它抛出一个错误。

Connected Successfully Fatal error: Call to undefined function mysql_num_rows() in D:\XAMPP\htdocs\codeinventor\login.php on line 14

Answer 1

将所有mysql_ *函数更改为mysqli_ *函数。

Answer 2

你不能一起使用mysql和mysqli。它们是独立的API，它们创建的资源互不兼容。所以替换mysql_*与mysqli_*将有所帮助！

Answer 3

我同意所有在这里你应该把所有的mysql_ *函数改成mysqli_ *函数。

给你的代码与MySQL API。请使用以下代码：

<?php 
session_start(); 
include_once ('connection.php'); 

if ($_SERVER['REQUEST_METHOD'] === 'POST') { 

    if ($_POST['email'] != "" AND $_POST['password'] != ""){ 

     $uemail = $_POST['email']; 
     $upassword = $_POST['password']; 

     $query = "SELECT * FROM users WHERE email = '$uemail' and password = '$upassword'"; 

     $result = mysqli_query($connection, $query); 

     if(mysql_num_rows($query) == 1){ 

     $_SESSION['email'] = $email; 
     header('Location: newfeeds.php'); 
     exit(); 

     }else{ 

     while ($row = mysql_fetch_assoc($result)) { 

      echo $row["email"]; 
      echo $row["password"]; 

     } 
     } 
    }else{ 

    echo "mail or password is not valid"; 
    } 

}else{ 

echo "The form has been not submitted"; 

} 


    ?> 

如果一个用户输入以下字符串作为用户名：

' or uid like '%admin%

您的查询将是这样的：

$query = "SELECT * FROM users WHERE email = '' or uid like '%admin%' and password = '$upassword'"; 

，这就是为什么我们告诉你你必须将所有的mysql_ *函数改为mysqli_ *函数。