php mysql，登錄腳本。我的錯誤消息不顯示

我試圖做一個PHP，MySQL登錄腳本。當我輸入錯誤的用戶名或密碼或登錄ID時，它不顯示我的錯誤消息。爲什麼？php mysql，登錄腳本。我的錯誤消息不顯示

$con = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); 
if (mysqli_connect_errno()) { 
    die ('Failed to connect to MySQL: ' . mysqli_connect_error()); 
} 
$c_id = $_POST['c_id']; 
$p_nickname = $_POST['p_nickname']; 
$p_password = $_POST['p_password']; 
if(!empty($c_id)&&!empty($p_nickname)&&!empty($p_password)){ 
    $query = "SELECT c_id, p_nickname, p_password FROM people_inside_company INNER JOIN company ON pic_c_id = c_id INNER JOIN people ON pic_code_number = p_code_number WHERE c_id = '$c_id' AND p_nickname = '$p_nickname' AND p_password = '$p_password'"; 
    #t 
    if($result = mysqli_query($con, $query)or die(mysqli_error($con))){ 
     if($row = mysqli_fetch_assoc($result)){ 
      $in_cid = $row['c_id']; 
      $in_pnickname = $row['p_nickname']; 
      $in_ppassword = $row['p_password']; 
      $count = mysqli_num_rows($result); 
      if($count == 1){ 
       echo "you're in"; 
       # i get this when i type the right c_id, p_nickname and p_passowrd 
       #more code 
      } 
      else{ 
       echo "wrong username, password or id"; 
       # i don't get this when im typing the wrong c_id, p_nickname or p_password, why? 
      } 
     } 
    } 
}

來源

2016-12-13 Avoka94

因此，你總是打印'你在'？ – Akshay

如果我寫了正確的暱稱和密碼和c_id是，如果我typ錯了，它不會顯示任何東西， – Avoka94

使用參數化查詢並散列您的用戶密碼。 – chris85

使用此代碼：

$con = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); 
if (mysqli_connect_errno()) { 
    die ('Failed to connect to MySQL: ' . mysqli_connect_error()); 
} 
$c_id = $_POST['c_id']; 
$p_nickname = $_POST['p_nickname']; 
$p_password = $_POST['p_password']; 
if(!empty($c_id)&&!empty($p_nickname)&&!empty($p_password)){ 
    $query = "SELECT c_id, p_nickname, p_password FROM people_inside_company INNER JOIN company ON pic_c_id = c_id INNER JOIN people ON pic_code_number = p_code_number WHERE c_id = '$c_id' AND p_nickname = '$p_nickname' AND p_password = '$p_password'"; 
    #t 
    if($result = mysqli_query($con, $query)or die(mysqli_error($con))){ 

     if(mysqli_num_rows($result)){ 
      $row=mysqli_fetch_assoc($result); 
      $in_cid = $row['c_id']; 
      $in_pnickname = $row['p_nickname']; 
      $in_ppassword = $row['p_password']; 
      $count = mysqli_num_rows($result); 
      if($count == 1){ 
       echo "you're in"; 
       # i get this when i type the right c_id, p_nickname and p_passowrd 
       #more code 
      } 

     } 
     else 
     { 
       echo "wrong username, password or id"; 
       # i don't get this when im typing the wrong c_id, p_nickname or p_password, why? 
      } 

    } 
}

你的「其他」堵得無法訪問（邏輯）

來源

2016-12-13 04:54:29 kashif

謝謝，這個作品！：D – Avoka94

@OlleNorström。使用更新的代碼..並投票我的答案。請使用最新的更新代碼 – kashif

我想你不應該把mysqli_query的if條件內，因爲如果任何輸入錯了，的if條件的結果會是假的，所以它不會真正顯示任何東西。

嘗試這樣做：

$con = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); 
if (mysqli_connect_errno()) { 
    die ('Failed to connect to MySQL: ' . mysqli_connect_error()); 
} 
$c_id = $_POST['c_id']; 
$p_nickname = $_POST['p_nickname']; 
$p_password = $_POST['p_password']; 
if(!empty($c_id)&&!empty($p_nickname)&&!empty($p_password)){ 
    $query = "SELECT c_id, p_nickname, p_password FROM people_inside_company INNER JOIN company ON pic_c_id = c_id INNER JOIN people ON pic_code_number = p_code_number WHERE c_id = '$c_id' AND p_nickname = '$p_nickname' AND p_password = '$p_password'"; 
    $result = mysqli_query($con, $query)or die(mysqli_error($con)); 
    if(mysqli_num_rows($result) > 0) { 
     while ($row = mysqli_fetch_assoc($result)) { 
      $in_cid = $row['c_id']; 
      $in_pnickname = $row['p_nickname']; 
      $in_ppassword = $row['p_password']; 
     } 

     echo "you're in"; 
    } 
    else{ 
     echo "wrong username, password or id"; 
    } 
}

另外，如果你正在做的與用戶輸入的任何數據庫事務，你應該使用prepared statements因爲有了這個代碼，您已經引起了SQL injection。

來源

2016-12-13 04:47:05 devgirl

請嘗試這種方式

$con = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); 
if (mysqli_connect_errno()) { 
    die('Failed to connect to MySQL: ' . mysqli_connect_error()); 
} 
    $c_id = $_POST['c_id']; 
    $p_nickname = $_POST['p_nickname']; 
    $p_password = $_POST['p_password']; 

if (!empty($c_id) && !empty($p_nickname) && !empty($p_password)) { 

$query = "SELECT c_id, p_nickname, p_password FROM people_inside_company INNER JOIN company ON pic_c_id = c_id INNER JOIN people ON pic_code_number = p_code_number WHERE c_id = '$c_id' AND p_nickname = '$p_nickname' AND p_password = '$p_password'"; 
$result = mysqli_query($con, $query); 
$row = mysqli_fetch_assoc($result); 

$in_cid = $row['c_id']; 
$in_pnickname = $row['p_nickname']; 
$in_ppassword = $row['p_password']; 

if (mysqli_num_rows($result) > 0) { 
    echo "you're in"; 
} else { 
    echo "wrong username, password or id"; 
} }

來源

2016-12-13 04:59:49

當你記錄爲空就不會進去循環，所以你沒有收到錯誤信息。

$con = mysqli_connect($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); 

if (mysqli_connect_errno()) { 
    die ('Failed to connect to MySQL: ' . mysqli_connect_error()); 
} 

$c_id = $_POST['c_id']; 
$p_nickname = $_POST['p_nickname']; 
$p_password = $_POST['p_password']; 

if(!empty($c_id)&&!empty($p_nickname)&&!empty($p_password)){ 
    $query = "SELECT c_id, p_nickname, p_password FROM people_inside_company INNER JOIN company ON pic_c_id = c_id INNER JOIN people ON pic_code_number = p_code_number WHERE c_id = '$c_id' AND p_nickname = '$p_nickname' AND p_password = '$p_password'"; 

    if($result = mysqli_query($con, $query)or die(mysqli_error($con))){ 
     $row = mysqli_fetch_assoc($result); 
     $count = mysqli_num_rows($result); 

     if($count == 1){ 
     $in_cid = $row['c_id']; 
     $in_pnickname = $row['p_nickname']; 
     $in_ppassword = $row['p_password']; 
      echo "you're in"; 
      # i get this when i type the right c_id, p_nickname and p_passowrd 
      #more code 
     } 
     else{ 
     echo "wrong username, password or id"; 
     # i don't get this when im typing the wrong c_id, p_nickname or p_password, why? 
     } 
    } 
}

來源

2016-12-13 04:59:57

php mysql，登錄腳本。我的錯誤消息不顯示

回答

相關問題