您好我目前在使用此代码时遇到问题我不确定将其他地方放在哪里。 错误是这样的:
mysql_num_rows() expects parameter 1 to be resource, boolean given in
这是我的代码:
if ($_POST['submit'])
{
$username = $_POST['id'];
$password = $_POST['pass'];
//connect to the database here
$username = mysql_real_escape_string($username);
$query = "SELECT hashpass, salt
FROM users
WHERE username = '$username'";
$result = mysql_query($query);
if(mysql_num_rows($result) < 1) //no such user exists
{
echo "NO USER!";
}
$userData = mysql_fetch_array($result, MYSQL_ASSOC);
$hash = sha1 ( $userData['salt'] . $password );
if($hash != $userData['password']) //incorrect password
{
echo "WRONG PASS";
}
}
感谢任何帮助。
答案 0 :(得分:0)
mysql_num_rows
函数返回记录集中的行数。
int mysql_num_rows ( resource $result )
mysql_query
函数在MySQL数据库上执行查询。此函数返回SELECT查询的查询句柄,其他查询返回TRUE / FALSE,失败时返回FALSE。
所以在你的情况下,你应该这样做
<?php
$link = mysql_connect("localhost", "mysql_user", "mysql_password");
$query = "SELECT hashpass, salt
FROM users
WHERE username = '$username'";
$result = mysql_query($query);
mysql_select_db("database", $link);
$result = mysql_query($query, $link);
$num_rows = mysql_num_rows($result);
if($num_rows < 1) //no such user exists
{
echo "NO USER!";
}
?>
答案 1 :(得分:0)
在我的类似脚本中,我首先检查$ result以确保查询正常...我还假设每个用户只有一行!
$result = mysql_query($query);
if ($result)
{
if(mysql_num_rows($result) == 1)
{
// user exists... check password
}
else
{
//no such user exists
echo "NO USER!";
}
}
else
{
// Query failed - no such user
}
另外,如果代码段适用于您的代码,只有在您验证用户名后才会包含密码检查!