Question

我创建了一个包含Email，FirstName，LastName，Password等列的数据库我的登录页面使用电子邮件和密码登录我想检索在与电子邮件
相同的行中的LastName列中键入的名称我想知道怎么做我的代码如下： -

$query=mysql_query("SELECT * FROM Users WHERE email='$email' AND 
`password`='$encrypted_pass' ");

在此之后，我希望能够为LastName分配一个变量，这样我就可以创建一个会话以及登录

Answer 1

然后在列列表中指定列：

SELECT LastName
FROM Users
WHERE email = '$email'
...

然后，您需要获取结果集以将其分配给变量。

Answer 2

mysql_函数已被正式弃用，不再维护/安全使用。

您应该使用PHP的PDO，因为它是一种更安全，更面向对象的方法。只需使用您的特定凭据填写DB_NAME，DB_USER_NAME和DB_USER_PASS，此代码就可以为您效劳。

$database = new PDO( 'mysql:host=localhost;dbname=DB_NAME;charset=UTF-8', 'DB_USER_NAME', 'DB_USER_PASS' );

$query = $database->prepare( "SELECT * FROM Users WHERE `email` = ? AND `password` = ? " );
$query->bindValue( 1, $email );
$query->bindValue( 2, $encrypted_pass );
$query->execute();

if( $query->rowCount() > 0 ) { # If rows are found for query

    $result = $query->fetch( PDO::FETCH_ASSOC );
    echo $result[ 'LastName' ]; # <-- The LastName field you were looking for!

}
else { echo "No Rows Returned!"; }

有关PHP PDO的更多信息，请参阅http://www.php.net/manual/en/book.pdo.php

Answer 3

我认为这涵盖了你要求的一切。启动会话，检查是否正常，为我们的发布数据设置几个变量，进行一些数据验证，设置查询，查询数据库，检查结果，在会话中设置var lastname。

<?php
 header('Content-type: text/html');

    session_start();
    if (session_id() === '') {
        echo 'session_id is null!';
        exit;
    }   
    $myemail = null;
    $mypassword = null;

    if (isset($_POST['Submit']) == true) {
        //assuming you have a db connection
        //mysql_connect($host, $user, $password) || die(mysql_error());
        //mysql_select_db($database) || die(mysql_error()); 

    if ((isset($_POST["username"]) === false)||
            (isset($_POST["password"]) === false)) {
            echo 'Please fill in all fields';
            exit;
        } else {
            // get the post data
            $myemail = ($_POST["username"]);
            $mypassword = ($_POST["password"]);
        }

    // check the form in database
    $sql = "SELECT * FROM Users WHERE email = '".$myemail."' 
            AND password = '".$mypassword."'";
    $result = mysql_query($sql);
    $count = mysql_num_rows($result);

    $_SESSION['loggedin'] = false;
    if ($count === 1) {
        $userrecord = mysql_fetch_array($result);
        $_SESSION['username'] = $userrecord['username'];
        $_SESSION['password'] = $userrecord['password'];
        $_SESSION['loggedin'] = true;
        $_SESSION['lastname'] = $userrecord['lastname']; 
        // assign last name to a session var

        echo 'You have been logged in successfully";
    } else {
         echo 'Wrong username or password';
         exit;
    }
} else {
    echo "No form post detected.<br><br>";
}
?>

以下是使用Mysqli的一些基本内容，因为不推荐使用mysql_命令。同样，它使用一些常用名称，因此进行相应的调整。

    /********************************/
    // using mysqli (untested but should work)
    /********************************/

    $mysqli = new mysqli("localhost", "dbuser", "dbpassword", "default_dbname");

    /* check connection */
    if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }

    // ecsape the query params
    $myemail = $mysqli->real_escape_string($myemail);
    $mypassword = $mysqli->real_escape_string($mypassword);

    if ($mysqli->query("SELECT * FROM Users WHERE email = '$myemail' 
                        AND password = '$mypassword'")) {
        printf("%d Rows returned.\n", $mysqli->affected_rows);

    // here is where you can set the $_SESSION vars
    // and do any other work you want to do on login.

    }


    $mysqli->close();
    /********************************/
    //end mysqli
    /********************************/

最后一件事。获取GitHub.com存储库设置，以便轻松回滚到以前的版本。这真的是必须有IMO。

从mysql数据库中检索数据

3 个答案: