我正在尝试创建一个PHP登录页面来检查用户输入的详细信息在数据库中的天气,但它返回以下错误:
致命错误:未捕获PDOException:SQLSTATE [42000]:语法错误或访问 违规:1064您的SQL语法有错误;检查手册 对应于您的MariaDB服务器版本,以便在附近使用正确的语法 'SLEECT * FROM users where username = NULL AND password = NULL'in line 1 in C:\ xampp \ htdocs \ sign \ login.php:18堆栈跟踪:#0 C:\ xampp \ htdocs \ sign \ login.php(18):PDOStatement-> execute()#1
C:\ xampp \ htdocs \ sign \ login.php(31):抛出SignIn()#2 {main} 第18行的C:\ xampp \ htdocs \ sign \ login.php
我做错了什么,如何解决?
<?php
include('connection.php');
$username =$_POST['username'];
$password = $_POST['password'];
if($username == '') {
$errmsg_arr[] = 'You must enter your Username';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'You must enter your Password';
$errflag = true;
}
function SignIn(){
global $connection;
$search = $connection->prepare("SLEECT * FROM users where username =
:username AND password = :password");
$search->bindParam(':username',$username);
$search->bindParam(':password',$password);
$result = $search->execute();
$count = $result->rowcount();
if($count> 0)
{
$_SESSION['username'] = $_POST['username'];
echo "welcom to the page ";
}
else{
echo "wron email or password";
}
}
if(isset($_POST['submit']))
{
SignIn();
}
?>
connection.php
中写的代码是
<?php
try{
$connection = new PDO('mysql:host=localhost;dbname=signup;charset=utf8mb4',
'root', '');
$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}catch(PDOException $err){
echo $err->getMessage();
die();
}
?>
编写的HTML代码是
<html>
<body>
<form method="POST" action="login.php">
<b>Enter your username: </b><br>
<input type="text" name="username"><br>
<b>Enter your password: </b><br>
<input type="password" name ="password"><br>
<input type="submit" name="submit">
</form>
</body>
</html>
答案 0 :(得分:0)
您收到类似这样的错误消息,因为您在<center> You will be redirected to the number one proven training system in <span style="color:blue;font-weight:bold"> <span id="countdowntimer">12 </span> Seconds </span> </center>
<script type="text/javascript">
var timeleft = 12;
var downloadTimer = setInterval(function(){
timeleft--;
document.getElementById("countdowntimer").textContent = timeleft;
if(timeleft <= 0)
clearInterval(downloadTimer);
},1000);
函数内调用了未定义$username
和$password
的变量。这就是为什么查询会将它们视为SignIn()
。
致命错误:未捕获PDOException:SQLSTATE [42000]:语法错误或访问 违规:1064您的SQL语法有错误;检查手册 对应于您的MariaDB服务器版本,以便在附近使用正确的语法 'SLEECT * FROM users in users = NULL AND password = NULL'在
的第1行
你可以在功能保护上传递它
null
然后请先检查function SignIn($username, $password)
,然后验证$_POST["submit"]
&amp; username
并致电password
SignIn($username, $password)
答案 1 :(得分:0)
1ST: SLEECT
拼写为SELECT
2ND:按照小车aswin建议的步骤进行操作。
if(isset($_POST['submit']))
{
......
}
3RD: rowcount()
应为rowCount()
。 c
应该是上限。
4TH:您需要从语句中获取rowcount
语句。来自布尔值$result
的仅包含Boolean
值true
或{{ 1}}
false
更改为
$count = $result->rowCount();