PHP登录表单错误

Question

这是我从教程中获得的代码，当我尝试登录时，它不工作！它说：

Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\index.php on line 13

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\index.php on line 16

<?php 
     include("config.php"); 
     session_start(); 

     if($_SERVER["REQUEST_METHOD"] == "POST") { 
      // username and password sent from form 

      $myusername = mysqli_real_escape_string($db,$_POST['username']); 
      $mypassword = mysqli_real_escape_string($db,$_POST['password']); 

      $sql = "SELECT * FROM tbl_users WHERE username = '$myusername' and password = '$mypassword'"; 
      $result = mysqli_query($db,$sql); 
      $row = mysqli_fetch_array($result,MYSQLI_ASSOC); 
      $active = $row['active']; 

      $count = mysqli_num_rows($result); 

      // If result matched $myusername and $mypassword, table row must be 1 row 

      if($count == 1) { 
      session_register("myusername"); 
      $_SESSION['login_user'] = $myusername; 

      header("location: welcome.php"); 
      }else { 
      $error = "Your Login Name or Password is invalid"; 
      } 
     } 
    ?> 

任何帮助将是非常赞赏！ 在此先感谢。

用“.username。”更改用户名后...这是代码！

<?php 
    include("config.php"); 
    session_start(); 

    if($_SERVER["REQUEST_METHOD"] == "POST") { 
     // username and password sent from form 

     $myusername = mysqli_real_escape_string($db,$_POST['username']); 
     $mypassword = mysqli_real_escape_string($db,$_POST['password']); 

     $sql = "SELECT * FROM tbl_users WHERE username = '".$myusername."' and password = '".$mypassword."'"; 
     $result = mysqli_query($db,$sql); 
     $row = mysqli_fetch_array($result,MYSQLI_ASSOC); 
     $active = $row['active']; 

     $count = mysqli_num_rows($result); 

     // If result matched $myusername and $mypassword, table row must be 1 row 

     if($count == 1) { 
     session_register("myusername"); 
     $_SESSION['login_user'] = $myusername; 

     header("location: welcome.php"); 
     }else { 
     $error = "Your Login Name or Password is invalid"; 
     } 
    } 
?> 

<html> 
<head><title>Login Page PHP Script</title></head> 
<body> 
    <div align="center"> 
     <div style="width:300px; border: solid 1px #006D9C; " align="left"> 
      <?php 
       if(isset($errMsg)){ 
        echo '<div style="color:#FF0000;text-align:center;font-size:12px;">'.$errMsg.'</div>'; 
       } 
      ?> 
      <div style="background-color:#006D9C; color:#FFFFFF; padding:3px;"><b>Login</b></div> 
      <div style="margin:30px"> 
       <form action="" method="post"> 
        <label>Username :</label><input type="text" name="username" class="box"/><br /><br /> 
        <label>Password :</label><input type="password" name="password" class="box" /><br/><br /> 
        <input type="submit" name='submit' value="Submit" class='submit'/><br /> 
       </form> 
      </div> 
     </div> 
    </div> 
</body> 
</html> 

Answer 1

您的查询出现错误，这就是为什么mysqli_fetch_array（）返回false而不是对象的原因。

请尝试以下操作以查看问题所在。

if (!$result) { 
    printf("Error: %s\n", mysqli_error($db)); 
    exit(); 
} 

从您的代码然而，查询确实应该（提供用户名和密码不为空）：

$sql = "SELECT * FROM tbl_users WHERE username = '" . $myusername . "' and password = '" . $mypassword . "'"; 

Answer 2

mysqli_real_escape_string（）只能包含一个参数 - 字符串逃脱。

$myusername = mysqli_real_escape_string($_POST['username']); 
    $mypassword = mysqli_real_escape_string($_POST['password']); 

Answer 3

先试试看。

$row = mysqli_fetch_array($result); 

之后，你可以检查你的错误。

mysqli_fetch_array($result) or die(mysqli_error());