如果陈述没有奏效

时间:2014-08-19 17:45:24

标签: php

我的陈述有些问题。目的是检查用户是否存在,用户是否为员工(不能被禁止)以及用户可能已被禁止。我不知道我做错了什么。有3个陈述,我可以构建,如果我不能。这些语句只有问题,查询很好。我已经测试了,当我试图禁止自己时,有可能,当我有3个陈述时,它不是。

if(isset($_POST['submit'])){
$bantype = $input->FilterText($_POST['bantype']);
$value = $input->FilterText($_POST['value']);
$reason = $input->FilterText($_POST['reason']);
$length = $_POST['length'] ? $input->EscapeString((time()+$_POST['length'])) : '';

$user_sql = mysql_query("SELECT * FROM users WHERE username = '".$value."' LIMIT 1") or die(mysql_error());
$user_sql2 = mysql_query("SELECT * FROM bans WHERE value = '".$value."' LIMIT 1") or       die(mysql_error());
$user_exists = mysql_num_rows($user_sql);
if (mysql_num_rows($user_sql) == 0) {
echo 'This user does not exist and can not be banned.';
} while($fox = mysql_fetch_array($user_sql)) 

if ($fox['rank'] > 3) 
echo 'This user is marked as staff can not be banned.';

if (mysql_num_rows($user_sql2) > 0) {
echo 'This user is already banned.';

} else 
mysql_query("INSERT INTO bans (bantype, value, reason, expire, added_by,
added_date,appeal_state) VALUES 
('$bantype','$value','$reason','$length',
'".$user->row['username']."','" . date('d/m/Y H:i') . "','0')");

感谢您的帮助!

1 个答案:

答案 0 :(得分:0)

我没有足够的声誉将其添加到评论中,但我认为您的错误来自缺少括号,这些{}括号。您是否将代码复制到堆栈溢出?

// This should be your while loop
while($fox = mysql_fetch_array($user_sql)) { //Do stuff here }

// Same issue here
if ($fox['rank'] > 3) { //Do stuff here }

缺少括号会破坏代码,即使您在检查后也不打算做任何事情。所以其他指针以及代码可能存在的问题:

  

你在else语句后错过了一个结束括号   您的其他声明似乎使用错误。您将它附加到您运行的最后一个IF语句,如果将忽略除最后一个之外的所有其他检查。

新代码应该是这样的:

 $msg = ''; // Set up variable to carry reply
 if (mysql_num_rows($user_sql) == 0) {
    $msg .= 'This user does not exist and can not be banned.'; // Add to msg
 } 
 while($fox = mysql_fetch_array($user_sql)){ // Do something here
 // I think you meant for this to surround your next statements?
 if ($fox['rank'] > 3) {
     $msg .= 'This user is marked as staff can not be banned.'; // Add to msg
 } // Close IF
 if (mysql_num_rows($user_sql2) > 0) {
     $msg .= 'This user is already banned.'; // Add to msg

 } // Close IF
 } // Close While

 // Change else to a new IF
 if ($msg=='') { // You could also do if($msg!=false) in this case
    // YOUR MYSQL QUERY HERE
 } else {
    // Use $msg for something. I usually apply it to a cookie
    // Send the user back and then display the result
 }

另外,正如其他人所说,有待验证的验证错误。您应该防止SQL攻击等。

相关问题
最新问题