因此,我使用PHP的scracth建立了一个网站,并使用WAMP服务器进行了测试。
一切都在localhost上运行,但是将代码上传到服务器后,所有使用数据库连接的东西都无法正常工作。
我检查了php中的POST是否在服务器上正常工作,并且是否正常工作,php.ini
在谷歌搜索后更改了一些配置,并这样做:
register_globals = off; (was default)
allow_url_fopen = on; (was default)
magic_quotes_gpc = off; (was default)
表格代码
http://i.imgur.com/k5kMx9N.png
类内的登录功能
function LoginUser($UserName, $Password)
{
//Protect from SQL Injection
$clientusername = stripslashes(mysql_real_escape_string($UserName));
$clientpassword = stripslashes(mysql_real_escape_string($Password));
$clientusername = trim($clientusername);
$clientpassword = trim($clientpassword);
if($clientusername != "" && $clientusername != "Username" && $clientpassword != "" && $clientpassword != "Password")
{
$this->ConnectToMySQL();
$sql = "SELECT * FROM Users WHERE UserName = '" . $clientusername . "' AND Password = '" . $clientpassword . "'";
$result = mysqli_query($this->DBConnection, $sql);
mysqli_close($this->DBConnection);
// Mysql_num_row is counting table row
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
if(!isset($_SESSION))
session_start();
$row = mysqli_fetch_array($result);
$_SESSION['ID'] = session_id();
$_SESSION['timeout'] = time();
session_write_close();
return("O seu login foi feito com sucesso.</br></br><a href='privatemenu.php'>Ir para o Menu</a>");
}
else return("Não foram encontrados utilizadores com os dados fornecidos.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
else return("Ocorreu um erro com a entrada dos seus dados.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
因此,问题在于,该函数始终在登录函数中返回文本“ Ocorreu um erro com a entrada dos seus dados”。
我写了登录数据,按下登录按钮,该帖子已经在我测试过的表单中正常工作,并且在另一页上从该表单中回显了该帖子,但是该函数永远不会从那开始。
任何帮助将不胜感激,因为我认为这不是来自函数,我有另一个仅在数据库中插入并且做完全相同的事情。奇怪的是,数据正确地通过了页面。
如果对此有任何混淆,请问我,以便我更好地解释。
因此,感谢Paddyd,这是可以正常工作的正确代码:
function LoginUser($UserName, $Password)
{
//Protect from SQL Injection
$this->ConnectToMySQL();
$clientusername = stripslashes(mysqli_real_escape_string($this->DBConnection, $UserName));
$clientpassword = stripslashes(mysqli_real_escape_string($this->DBConnection, $Password));
$clientusername = trim($clientusername);
$clientpassword = trim($clientpassword);
if($clientusername != "" && $clientusername != "Username" && $clientpassword != "" && $clientpassword != "Password")
{
$sql = "SELECT * FROM Users WHERE UserName = '" . $clientusername . "' AND Password = '" . $clientpassword . "'";
$result = mysqli_query($this->DBConnection, $sql);
mysqli_close($this->DBConnection);
// Mysql_num_row is counting table row
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1){
if(!isset($_SESSION))
session_start();
$row = mysqli_fetch_array($result);
$_SESSION['ID'] = session_id();
$_SESSION['timeout'] = time();
session_write_close();
return("O seu login foi feito com sucesso.</br></br><a href='privatemenu.php'>Ir para o Menu</a>");
}
else return("Não foram encontrados utilizadores com os dados fornecidos.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
else return("Ocorreu um erro com a entrada dos seus dados.</br></br><a href='login.php'>Voltar á pagina de Login</a>");
}
Warning: mysql_real_escape_string(): Access denied for user 'apache'@'localhost' (using password: NO) in /home/httpd/vhosts/jaimevale.com/httpdocs/config/configurations.php on line 461
这些是导致您的问题的行:
$clientusername = stripslashes(mysqli_real_escape_string($UserName));
$clientpassword = stripslashes(mysqli_real_escape_string($Password));
您试图在mysql_real_escape_string
未建立sql连接的情况下使用。在进行这些调用之前建立连接,或者使用的替代方法mysql_real_escape_string
。
尝试$this->ConnectToMySQL();
在函数的开头进行调用。
编辑:更改mysql_real_escape_string
为mysqli_real_escape_string
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句