Php登錄表格錯誤行

Question

<?php 
session_start(); 
include_once ('connection.php'); 

if (isset($_POST['login'])){ 
    $uemail = $_POST['email']; 
    $upassword = $_POST['password']; 
} 

    $query = "SELECT * FROM users WHERE email = $uemail and password = $upassword"; 
    $result = mysqli_query($connection, $query); 


    if(mysql_num_rows($query) == 1){ 
     $_SESSION['email'] = $email; 
     header('Location: newfeeds.php'); 
     exit(); 

     }else{ 
     while ($row = mysql_fetch_assoc($result)) { 
     echo $row["email"]; 
     echo $row["password"]; 
     } 
    } 
    ?> 

我有PHP手冊它說停止使用SQL和替換sqli但沒有工作。它拋出一個錯誤。

Connected Successfully Fatal error: Call to undefined function mysql_num_rows() in D:\XAMPP\htdocs\codeinventor\login.php on line 14

Answer 1

將所有mysql_ *函數更改爲mysqli_ *函數。

Answer 2

你不能一起使用mysql和mysqli。它們是獨立的API，它們創建的資源互不兼容。所以替換mysql_*與mysqli_*將有所幫助！

Answer 3

我同意所有在這裏你應該把所有的mysql_ *函數改成mysqli_ *函數。

給你的代碼與MySQL API。請使用以下代碼：

<?php 
session_start(); 
include_once ('connection.php'); 

if ($_SERVER['REQUEST_METHOD'] === 'POST') { 

    if ($_POST['email'] != "" AND $_POST['password'] != ""){ 

     $uemail = $_POST['email']; 
     $upassword = $_POST['password']; 

     $query = "SELECT * FROM users WHERE email = '$uemail' and password = '$upassword'"; 

     $result = mysqli_query($connection, $query); 

     if(mysql_num_rows($query) == 1){ 

     $_SESSION['email'] = $email; 
     header('Location: newfeeds.php'); 
     exit(); 

     }else{ 

     while ($row = mysql_fetch_assoc($result)) { 

      echo $row["email"]; 
      echo $row["password"]; 

     } 
     } 
    }else{ 

    echo "mail or password is not valid"; 
    } 

}else{ 

echo "The form has been not submitted"; 

} 


    ?> 

如果一個用戶輸入以下字符串作爲用戶名：

' or uid like '%admin%

您的查詢將是這樣的：

$query = "SELECT * FROM users WHERE email = '' or uid like '%admin%' and password = '$upassword'"; 

，這就是爲什麼我們告訴你你必須將所有的mysql_ *函數改爲mysqli_ *函數。