1. 首页
  2. 问答
  3. 从$ _SESSION的多个表中获取数据PHP

从$ _SESSION的多个表中获取数据PHP

2015-11-04 102 views
0

当前我想在用户登录到系统时从两个表中获取两个不同的数据。权限表是“用户”,“user_staff”和“user_group”。但是,当用户输入其用户名和密码,并提交提示“致命错误:调用第26行的C:\ xampp \ htdocs \ auditsystem \ index.php中的非对象上的成员函数fetch_array()”

下面是代码:

if($username!= "" && $password != "") 
{ 
//INNER JOIN user_group_module_role ON user.user_group_module_role_id = user_group_module_role.id 
    $result = $db->query("SELECT * FROM user 
          INNER JOIN user_staff ON user.user_staff_id = user_staff.id 
          WHERE username = '$username' AND password = '$password'"); 



    if($result->num_rows == 1) 
    { 
     $validate = $result->fetch_assoc(); 

     $query1 = "SELECT * FROM usergroup WHERE id = $validate[user_group_id]"; 
     $result1 = $db->query($query1); 
     $row1 = $result1->fetch_array(); 
     //change here for the authority 
     $_SESSION['user_staff'] = $validate['displayname']; 
     $_SESSION['usergroup'] = $row1['user_group_type']; 
     echo "<script language='javascript'>window.location='panel.php'</script>"; 
    } 
    else 
    { 
     echo "<script>alert('Sorry, wrong username and password please check.')</script>"; 
    } 
}

来源

2015-11-04 Andrew

+1

1)你必须在双引号内的'{}'中包装数组。 2)你想用单引号包装索引:'$ query1 =“SELECT * FROM usergroup WHERE id = {$ validate ['user_group_id']}”; – Twisty

+2

您的第二个查询失败,并且由于您没有检查,所以'$ result1'为null/false,并且没有成员函数。 – Twisty

+1

[mysqli - fetch \ _Array错误调用函数在非对象mysqli]上获取\ _array()的可能重复(http://stackoverflow.com/questions/14639965/mysqli-fetch-array-error-call - 对一个成员函数提取阵列在一个非目标) –

回答

5

您所查询的格式不正确和失败。这使得$ result1 null/false。您的查询也容易受到SQL注入的攻击!

if($username!= "" && $password != ""){ 
//INNER JOIN user_group_module_role ON user.user_group_module_role_id = user_group_module_role.id 
    $result = $db->query("SELECT * FROM user INNER JOIN user_staff ON user.user_staff_id = user_staff.id WHERE username = '$username' AND password = '$password'"); 
    if($result->num_rows == 1){ 
     $validate = $result->fetch_assoc(); 
     $query1 = "SELECT * FROM usergroup WHERE id = {$validate['user_group_id']}"; 
     if($result1 = $db->query($query1)){ 
      $row1 = $result1->fetch_array(); 
      //change here for the authority 
      $_SESSION['user_staff'] = $validate['displayname']; 
      $_SESSION['usergroup'] = $row1['user_group_type']; 
      echo "<script language='javascript'>window.location='panel.php'</script>"; 
     } else { 
      echo "<script language='javascript'>alert('SQL Error.');</script>"; 
     } 
    } else { 
     echo "<script>alert('Sorry, wrong username and password please check.')</script>"; 
    } 
}

来源

2015-11-04 01:50:46 Twisty

+0

感谢兄弟。你解决了我的问题:) – Andrew

+0

嗨兄弟,是否有可能添加另一个查询插入到log_record? \t $查询= “INSERT INTO user_log_record(用户名,ipaddres) \t \t \t VALUES \t \t \t( '$用户名', '$ IP')”; \t $ result = $ db-> query($ query); – Andrew

+0

你不会从'INPUT'查询中得到结果集。但是,是的,你可以用同样的方式执行另一个查询:'$ db-> query($ query);' – Twisty

 相关问题

  • 暂无相关问题^_^