1. 首页
  2. 问答
  3. mysql_num_rows():提供的参数不是有效的MySQL结果资源15

mysql_num_rows():提供的参数不是有效的MySQL结果资源15

2012-01-21 39 views
-1

每当我尝试运行我的脚本时,出现此错误,并说我不太确定它为什么要这样做。我的目标是让它检查是否登录的客户端是管理员。mysql_num_rows():提供的参数不是有效的MySQL结果资源15

<?php 
    session_start(); 
    $username = $_POST['username']; 
    $password = $_POST['password']; 

    if ($username&&$password) 
    { 

    $user = $_SESSION['user']; 
    //connect 
    $connect = mysql_connect("localhost","*******_robert","***********") or die ("Couldn't Connect"); //host,username,password 
    mysql_select_db("virtua15_gateway") or die ("Could not find database"); 
    //query 
    $get = mysql_query("SELECT * FROM Users WHERE username='$user'"); 
    $numrows = mysql_num_rows($query); 
    if ($numrows!=0) 
    { 
     while ($row = mysql_fetch_assoc($query)) 
     { 
       $dbusername = $row['username']; 
       $dbpassword = $row['password']; 
     } 
     if ($username==$dbusername&&$password==$dbpassword) 
     { 
     header('Location: index2.php'); 
     $_SESSION['username']=$dbusername; 
     } 
     else 
      echo "incorrect username and password"; 
    } 
     else 
     die ("This user does not exist"); 

    } 
    else 
     die("Please enter a username and a password"); 


    while($get = mysql_fetch_assoc($get)) 

{ 
$admin = $row['admin']; 
} 
if ($admin==0) 
die ("You are not and admin!"); 
header('Location: index2.php') 

?>

来源

2012-01-21 David

+2

我敢肯定,我已经看到了这样的问题... [提示:在右边的“相关”选项卡下检查问题---->] –

+0

[mysql_num_rows():提供的参数不是val的可能重复id MySQL结果资源](http://stackoverflow.com/questions/3698740/mysql-num-rows-supplied-argument-is-not-a-valid-mysql-result-resource) – DCoder

回答

3 
$get = mysql_query("SELECT * FROM Users WHERE username='$user'"); 
$numrows = mysql_num_rows($query);

那么,是不是$get$query

来源

2012-01-21 11:19:15

3

您调用您的查询资源$ get,但随后将其作为$ query传递。选择一个:)

$query = mysql_query("SELECT * FROM Users WHERE username='$user'"); 
$numrows = mysql_num_rows($query);

此外,添加了错误的情况下,检查查询失败(模具()或trigger_error())

可能还值得一提的,你需要逃避任何输入,而不是喂养它的直接在你的查询中(甚至从$ _SESSION或$ _COOKIES,不仅仅是$ _POST)。为此,使用mysql_real_escape_string()。而且你不应该以明文存储密码,可以使用sha1()或更好的散列算法。

来源

2012-01-21 11:20:27

2

使用这样的:

$get = mysql_query("SELECT * FROM Users WHERE username='$user'"); 
$numrows = mysql_num_rows($get);

代替:

$get = mysql_query("SELECT * FROM Users WHERE username='$user'"); 
$numrows = mysql_num_rows($query);

来源

2012-01-21 11:21:43

1 
$get = mysql_query("SELECT * FROM Users WHERE username='$user'"); 
$numrows = mysql_num_rows($get);

改变$查询到$得到

来源

2012-01-21 11:22:18 dimitril

相关问题

 相关问题