更新并从数据库表中选择
我有两个数据库表"user",其中有3列(id,[自动递增]用户名和捏合) 另一个表是"pins",只有一列(从头开始) 我的桌子
I have two database tables, "user" which have 3 columns (id,[auto increment] username and pinch) The other table is "pins" which has only one column (scratches) MY TABLES
USER
Id username Pinc
1 Josh
2 Angela
3 Chika
PINS
scratches
123456
234515
124564
我想要一种情况,当用户通过表单提交密码时,它将在pins表中检查是否存在此类数据,如果存在,它将使用post和form更新我的用户表的pinc列.用它登录.如果引脚表中不存在该引脚,则会出现错误很抱歉,该引脚不存在". 我的密码
I want a situation when a user submit his password via a form, it will check in the pins table to know whether such data exist, if it does, it will update the pinc column of my user table with the form post and log in with it. If it doesn't exist in the pins table it will give an error "sorry the pin does not exist." MY CODE
$sql = "SELECT * FROM pins WHERE scratches = '" .' $user_password '. "';";
$query = $this->db_connection->query($sql);
if ($query->num_rows== 0){
$this->errors[] = "Sorry, that PIN does not exist.";
} elseif ($query->num_rows== 1) {
$sql = "UPDATE user ".
"SET pinc = $user_password ".
"WHERE user_name = $user_name" ;
$query_new_user_insert = $this->db_connection->query($sql);
$sql = "SELECT user_name, pinc
FROM user
WHERE user_name = '" . $user_name . "' ;";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_login_status'] = 1;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
} else {
$this->errors[] = "Database connection problem.";
}
}
}
运行代码时,我得到抱歉的密码不存在".有人可以告诉我这是怎么回事吗?
when i run the code, i get "sorry pin does not exist." Can someone tell me whats wrong with it?
您正在使用''周围的''单曲队列,因此您将以字符串形式传递
像这样更改您的第一个查询
You are using singe quete ''around $userpassword means, so You are passing as string
Change your first query like this
$sql = "SELECT * FROM pins WHERE scratches = '".$user_password."';";
您的第二个查询同样错误.正如我假设$username是一个字符串,
您需要像这样
And your second query as also wrong. as i am assuming $username is a string,
You need to wrap it around single quete '' like this
$sql = "UPDATE user ".
"SET pinc = '$user_password' ".
"WHERE user_name = '$user_name'" ;//You are missing single quete here if username is a string
我不知道这也是不是问题,但是您的第三个查询中要有多余的空间.转换后$username变量(在. .之后).如果这样不起作用,请像这样
I dont know this is also problem or not, But have extra space in your third query. for your $username variable after contanitation (after point . . ). If that does not work remove it like this
$sql = "SELECT user_name, pinc
FROM user
WHERE user_name = '".$user_name."' ;";
**
**
$sql = "SELECT * FROM pins WHERE scratches = '".$user_password ."';";
$query = $this->db_connection->query($sql);
if ($query->num_rows== 0){
$this->errors[] = "Sorry, that PIN does not exist.";
} elseif ($query->num_rows== 1) {
$sql = "UPDATE user SET pinc ='".$user_password."' WHERE user_name ='".$user_name."'" ;
$query_new_user_insert = $this->db_connection->query($sql);
$sql = "SELECT user_name, pinc FROM user WHERE user_name = '".$user_name."' ;";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_login_status'] = 1;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
}
}
}