我有以下代碼獲取只有一個字段在PHP和mysqli的
if (isset($_POST['change'])) {
$current = mysqli_real_escape_string($con, $_POST['current']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$cpassword = mysqli_real_escape_string($con, $_POST['cpassword']);
if(strlen($password) < 6) {
$error = true;
$password_error = "Password must be minimum of 6 characters";
}
if($password != $cpassword) {
$error = true;
$cpassword_error = "Password and Confirm Password doesn't match";
}
if(mysqli_fetch_field(mysqli_query($con, "SELECT password FROM users WHERE id = '" . $_SESSION['usr_id'] . "' LIMIT 1")) != md5($current)) {
$error = true;
$confirm_error = "Your actual password is not correct";
}
}
的問題是在這裏:
mysqli_fetch_field(mysqli_query($con, "SELECT password FROM users WHERE id = '" . $_SESSION['usr_id'] . "' LIMIT 1"))
它給我的錯誤
PHP Catchable fatal error: Object of class stdClass could not be converted to string in /.../password.php on line 27
我曾嘗試與
mysql_result(mysqli_query($con, "SELECT password FROM users WHERE id = '" . $_SESSION['usr_id'] . "' LIMIT 1"), 0)
,但它不工作,它給了我
PHP Fatal error: Uncaught Error: Call to undefined function mysql_result() in /.../password.php:27
我不想使用mysqli_fetch_array()
和while
循環。我搜索了一個功能或類似的東西,我發現了一些東西,但沒有爲我工作。
'mysqli_real_escape_string($ con,$ _POST ['password'])'你知道這樣做會適得其反。 –
它可能與'mysqli_fetch_field'無關。轉儲'$ _SESSION ['usr_id']',並分隔你的mysqli_query和mysqli_fetch_field語句。當然,mysql_result不起作用,它不是一個mysqli函數。 – aynber
'我不想使用mysqli_fetch_array()和while循環.' ....爲什麼? –