<?php
$mysqli_host = 'localhost';
$mysqli_user = 'root';
$mysqli_pass = '';
$mysqli_db = 'fives';
$link = mysqli_connect($mysqli_host,$mysqli_user,$mysqli_pass,$mysqli_db);
if (isset($_GET['username'])) {
$username = mysqli_real_escape_string($link,$_GET['username']);
print $username. "<br>";
if (!empty($username)) {
$username_query = mysqli_query($link,"SELECT * FROM users");
while($row = mysqli_fetch_array($username_query)) {
print "username: " . $row["username"]. " - password: " . $row["Password"]. " - date:" . $row["date"]. "<br>";
}
print $username_result = mysqli_num_rows($username_query) . "<br>";//print 1
$username_query = mysqli_query($link,"SELECT * FROM users WHERE username = '" . $username . "'");
while($row = mysqli_fetch_array($username_query)) {
print "username: " . $row["username"]. " - password: " . $row["Password"]. " - date:" . $row["date"]. "<br>";
}
print $username_result = mysqli_num_rows($username_query);//print 0
}
}
?>
输出的是
yariv
username: "yariv" - password: "1234" - date:2015-08-26
1
0
嗯,第一个查询没有问题。它得到所有的数据从[用户]这是1行,但当我试图通过使用where username = '" . $username . "' sql查询得到0行。为什么会这样?
第一个查询显示了结果,因为您没有将给定的用户名与数据库中现有的用户名进行比较,但是在第二个查询中,您将用户名与数据库用户名进行比较。那么,您确定输入的用户名与数据库中的用户名相同吗?