我的表有2列,user_id和username。用户使用以下用户名登录:
<?php
require('dbConnect.php');
$username = $_POST['username'];
//need to keep this in a session, for other pages later on
session_start();
$_SESSION['username'] = $username;
$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);
$check = mysqli_fetch_array($result);
if(isset($check)) :
//if the username exists in the database, then show a html submit button
$con->close();
?>
<html>
<body>
<form action="UserDetails.php" method="post">
<input type="submit">
</form>
</html>
<?php else :{
//if user is not in db, show this message
echo 'Sorry about that, you can't come in.';
}
$con->close();
?>
<?php endif; ?>
如何获得与用户名相对应的user_id,以便稍后在页面中使用?
在(isset($check))
似乎是造成我的麻烦,有时回来user_id
,有时没有。
很大程度上要感谢Nabeel的回答,这个想法对我有用。同时还要感谢Solrac Ragnarockradio使我步入正轨,以使我的代码使用mysqli_real_escape_string更加安全:
<?php
require('dbConnect.php');
$username = mysqli_real_escape_string($con,$_POST['username']);
$sql = "SELECT * FROM user WHERE username = '$username'";
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_assoc($result);
$user_id = $row["user_id"];
//give me the corresponding user_id of the logged in user
echo $user_id;
if (mysqli_num_rows($result)==0) {
echo "Failed, sorry";
}
if (mysqli_num_rows($result) > 0) {
echo "User id exists already.";
}
$con->close();
?>
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句