基本上,我正在创建一个登录系统。当我处理存储在MySQL数据库中的数据时,出现以下错误:
解析过程中发现非法双精度值"200970e19291"
使用以下代码:
<?php
session_start(); // Session start
$username = $_POST['username']; // Gets the username from the login page
$password = $_POST['password']; // Gets the password.
$salt = "oijahsfdapsf80efdjnsdjp"; // Salt
// Add the salt
$salt .= $password; // The password is now: oijahsfdapsf80efdjnsdjp_PLUS_THE_USERS_PASSWORD
$password = $salt; // Change the password var to contain the salt
// Encryption
$password = md5($password); // woo
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Serrano Login</title>
</head>
<body>
<?php
// Connect to your database
mysql_connect("localhost", "root", "root") or die(mysql_error());
mysql_select_db('serrano');
$query = "SELECT * FROM accounts WHERE password = ".$password." LIMIT 1";
$username = mysql_real_escape_string($username); // just to be sure.
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
$resusername = $row['username']; // username from DB
$respassword = $row['password']; // password from DB
$resemail = $row['email']; // email from db
}
// Are they a valid user?
if ($respassword == $password) {
// Yes they are.
// Lets put some data in our session vars and mark them as logged in.
$_SESSION['loggedin'] = "1";
$_SESSION['email'] = $resemail;
$_SESSION['username'] = $resusername;
echo "Congrats, Your logged in"; // YAY
}else{
// No, Lets mark them as invalid.
$_SESSION['loggedin'] = "0";
echo "Sorry, Invalid details"; // Nay
}
?>
</body>
</html>
思潮?
您没有引用要插入的密码"值",因此对于MySQL来说,它显示为一个损坏的数字。
$query = "SELECT * FROM accounts WHERE password = '".$password."' LIMIT 1";
^---missing ^---missing
或者更好的是:
$query = "SELECT * FROM accounts WHERE password = '$password' LIMIT 1";