Community
Learn
Tools Library
AI Tools
Leisure
search
English
Home > Backend Development > PHP Tutorial > 关于PHP数据库的小问题

关于PHP数据库的小问题

WBOY
Release: 2016-06-23 14:15:36
Original
892 people have browsed it

PHP 数据库 用户验证

$con=mysql_connect("localhost","root","123456");
if(!$con)
{
die('Could not connect:'.mysql_error());
}
mysql_query("SET NAMES 'utf8'"); //设置字符集
mysql_select_db("manage",$con);   //选择数据库
$sql1="
select count(*)
from user
where username=="".$_POST['name']."" and password=="".$_POST['password'].""
LIMIT 1
";
$result=mysql_query($sql1,$con);
红色部分报错。前辈们,在下有两个问题:第一,目前这种格式,应该怎么改,使其正确。第二,你们在验证用户信息时,是这么做的呢?比较简单的那种。

回复讨论(解决方案)

$sql1="select count(*)from userwhere username='".$_POST['name']."' and password='".$_POST['password']."'LIMIT 1";
Copy after login


然后用mysql_num_rows 判断行是否等于1就行。

username='".mysql_real_escape_string($_POST['name'])."' and password='".mysql_real_escape_string($_POST['password'])."

最好做个简单的防注入措施。

http://php.net/manual/en/function.mysql-real-escape-string.php

php5.5以上版本,用mysqli_real_escape_string() 或者 PDO::quote() 

$sql1 = "select count(*)from userwhere username='".$_POST['name']."' and password=='".$_POST['password']."'";
Copy after login


$sql1 = "select count(*)from userwhere username='$_POST[name]' and password='$_POST[password]'";
Copy after login

不需要 LIMIT 1
因为没有 group 子句,聚类函数只会取得一条记录

对传入的数据做一下转义处理是必须的,在程序入口处这样就可以了
$_POST = array_map('mysql_real_escape_string', $_POST);

$_POST = array_map('mysql_real_escape_string', $_POST);

如果某$_POST为空,会不会报错?

 直接在sql 里使用'$_POST[name]'  之类的不会出错吗..
一般都要 先判断一下吧比如 ISSET之类的.

Related labels:
关于PHP数据库的小问题
source:php.cn
Previous article:php 连接mysql 远程连接(10060) Next article:Tomcat好想勾搭Apache,我和我的小伙伴都快急死了……
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
Generating content using Ajax - scrolling to Id doesn't work I generate page content based on data obtained via ajax. The problem I'm having is that wh...
From 2024-04-04 09:29:39
0
1
397
How to correctly alert database records using Fetch javascript API and php I'm trying to get alert ID and name records from database using JavasriptfetchAPI. My prob...
From 2024-04-03 23:38:11
0
2
383
Possible revision title: "PHP SQL database update query issue: Index is not defined and data is not updated?" I'm having trouble updating the database. I think the error is in the update query itself,...
From 2024-04-02 18:46:20
0
1
436
Flutter cannot get the new value of a variable when called in another class I have this StatefulWidget which is supposed to retrieve data from MySQL database based on...
From 2024-04-01 22:37:38
0
1
339
How to do conditional rendering in Vue I'm developing an app that can be used to create tasks and put them into lists to track th...
From 2024-04-01 19:36:54
0
1
329
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template