1. 首页
  2. 问答
  3. SQL查询不返回值,设置为会话变量

SQL查询不返回值,设置为会话变量

2014-01-14 50 views
0

我一直试图从我的mysql服务器表字段中设置一个等于$ _SESSION [“mypermissions”]会话变量的值。无论我尝试什么,它都会出现空白或值为0.我觉得这可能是一个愚蠢的问题,有一个简单的解决方案,但似乎没有任何工作。这是我的代码到目前为止,看问题的SQL查询底部附近。SQL查询不返回值,设置为会话变量

<?php 
$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="comproject"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse. 
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB"); 

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection 
$myusername = stripslashes($myusername); 
$mypassword = stripslashes($mypassword); 
$myusername = mysql_real_escape_string($myusername); 
$mypassword = mysql_real_escape_string($mypassword); 
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 

// If result matched $myusername and $mypassword, table row must be 1 row 
if($count==1){ 

session_start(); 
$_SESSION["myusername"] = $myusername; 

$sql = "SELECT permissions FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; 
$_SESSION["mypermissions"] = mysql_query($sql); 

header("location:login_success.php"); 
} 
else { 
echo "Wrong Username or Password"; 
} 
?>

来源

2014-01-14 Shard

+1

的问题是'$ _SESSION [“mypermissions”] =的mysql_query($的SQL);',你是分配资源的会话变量。相反,您希望首先从查询中获得结果。 – Jon

+0

你为什么要两次选择同一个东西?首先你做'SELECT *'然后''SELECT permissions',但'WHERE'条件是一样的。您可以从第一个查询的结果中提取权限。 – TiiJ7

回答

1

看来你没有获取查询结果。你要获取的结果,那么基于这样的结果设置会话变量:

<?php 
    $host="localhost"; // Host name 
    $username="root"; // Mysql username 
    $password=""; // Mysql password 
    $db_name="comproject"; // Database name 
    $tbl_name="members"; // Table name 

    // Connect to server and select databse. 
    mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB"); 

    // username and password sent from form 
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword']; 

    // To protect MySQL injection 
    $myusername = stripslashes($myusername); 
    $mypassword = stripslashes($mypassword); 
    $myusername = mysql_real_escape_string($myusername); 
    $mypassword = mysql_real_escape_string($mypassword); 
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' limit 1"; 
    $result=mysql_query($sql); 

    // Mysql_num_row is counting table row 
    $count=mysql_num_rows($result); 

    // If result matched $myusername and $mypassword, table row must be 1 row 
    if($count==1){ 
    session_start(); 
    $_SESSION["myusername"] = $myusername; 
    $row = mysql_fetch_object($result);//fetch object 
    $_SESSION["mypermissions"] = $row->permissions; // set permission to session 
    header("location:login_success.php"); 
    } 

else { 
echo "Wrong Username or Password"; 
} 
?>

来源

2014-01-14 16:58:33

+0

@Shard:你尝试过吗? –

0 
$res = mysql_query($sql); 
$row = mysql_fetch_object($res); 
$_SESSION["mypermissions"] = $row->permissions;

来源

2014-01-14 16:54:14

相关问题

 相关问题