检索MySQL数据库

Question

我已经做了数据库列电子邮件，名字，姓氏，密码..等等数据
我的登录页面使用电子邮件和密码用于登录
我想要检索的名字列在键入的名字同一行作为电子邮件
我想知道怎么做
我的代码如下所示： -

$query=mysql_query("SELECT * FROM Users WHERE email='$email' AND 
`password`='$encrypted_pass' "); 

在此之后，我希望能够给一个变量分配给姓氏，所以我可以创建一个会话连同登录

Answer 1

我认为这涵盖了你要求的一切。开始一个会话，检查它是否好，为我们的发布数据设置几个变量，做一些数据验证，设置查询，查询数据库，检查结果，在会话中设置var lastname。

<?php 
header('Content-type: text/html'); 

    session_start(); 
    if (session_id() === '') { 
     echo 'session_id is null!'; 
     exit; 
    } 
    $myemail = null; 
    $mypassword = null; 

    if (isset($_POST['Submit']) == true) { 
     //assuming you have a db connection 
     //mysql_connect($host, $user, $password) || die(mysql_error()); 
     //mysql_select_db($database) || die(mysql_error()); 

    if ((isset($_POST["username"]) === false)|| 
      (isset($_POST["password"]) === false)) { 
      echo 'Please fill in all fields'; 
      exit; 
     } else { 
      // get the post data 
      $myemail = ($_POST["username"]); 
      $mypassword = ($_POST["password"]); 
     } 

    // check the form in database 
    $sql = "SELECT * FROM Users WHERE email = '".$myemail."' 
      AND password = '".$mypassword."'"; 
    $result = mysql_query($sql); 
    $count = mysql_num_rows($result); 

    $_SESSION['loggedin'] = false; 
    if ($count === 1) { 
     $userrecord = mysql_fetch_array($result); 
     $_SESSION['username'] = $userrecord['username']; 
     $_SESSION['password'] = $userrecord['password']; 
     $_SESSION['loggedin'] = true; 
     $_SESSION['lastname'] = $userrecord['lastname']; 
     // assign last name to a session var 

     echo 'You have been logged in successfully"; 
    } else { 
     echo 'Wrong username or password'; 
     exit; 
    } 
} else { 
    echo "No form post detected.<br><br>"; 
} 
?> 

这里有一些基本的东西使用Mysqli，因为mysql_命令已被弃用。再次，它使用一些常用名称，以便相应地进行调整

/********************************/ 
    // using mysqli (untested but should work) 
    /********************************/ 

    $mysqli = new mysqli("localhost", "dbuser", "dbpassword", "default_dbname"); 

    /* check connection */ 
    if (mysqli_connect_errno()) { 
     printf("Connect failed: %s\n", mysqli_connect_error()); 
     exit(); 
    } 

    // ecsape the query params 
    $myemail = $mysqli->real_escape_string($myemail); 
    $mypassword = $mysqli->real_escape_string($mypassword); 

    if ($mysqli->query("SELECT * FROM Users WHERE email = '$myemail' 
         AND password = '$mypassword'")) { 
     printf("%d Rows returned.\n", $mysqli->affected_rows); 

    // here is where you can set the $_SESSION vars 
    // and do any other work you want to do on login. 

    } 


    $mysqli->close(); 
    /********************************/ 
    //end mysqli 
    /********************************/ 

最后一件事。获取GitHub.com存储库设置，以便您可以轻松回滚到以前的版本。这真的是一个必须有国际海事组织。

Answer 2

然后你在列列表中指定列：

SELECT LastName 
FROM Users 
WHERE email = '$email' 
... 

然后，您需要获取结果集将其分配给一个变量。

Answer 3

mysql_职能正式废弃，不再维护/使用安全。

你应该使用PHP的PDO，而不是因为它是一个更安全，更面向对象的方法。 在DB_NAME，DB_USER_NAME和DB_USER_PASS只需填写您的特定凭据，此代码应为你工作。

$database = new PDO('mysql:host=localhost;dbname=DB_NAME;charset=UTF-8', 'DB_USER_NAME', 'DB_USER_PASS'); 

$query = $database->prepare("SELECT * FROM Users WHERE `email` = ? AND `password` = ? "); 
$query->bindValue(1, $email); 
$query->bindValue(2, $encrypted_pass); 
$query->execute(); 

if($query->rowCount() > 0) { # If rows are found for query 

    $result = $query->fetch(PDO::FETCH_ASSOC); 
    echo $result[ 'LastName' ]; # <-- The LastName field you were looking for! 

} 
else { echo "No Rows Returned!"; } 

对于PHP PDO的更多信息，请参阅http://www.php.net/manual/en/book.pdo.php