将 SQL 查询列传递到另一个.php页 - Passing SQL query column to another .php page

我无法将$name0传递给我的项目的管理员.php。我正在对登录.php进行登录会话。但是在查询用户名和密码后，我希望名字出现在管理员.php，这是我到目前为止的工作

        if(isset($_POST['btnlogin'])){
        $username = addslashes($_POST['txtusername']);
        $password = addslashes($_POST['txtpassword']);
       include 'db_connection.php';
       $sel_admin = "SELECT * FROM users WHERE user_username='$username'";
       $rs_admin = mysql_query($sel_admin);
       $rs_count = mysql_num_rows($rs_admin);
       if($rs_count<1){
                        echo 'Invalid username!';
                        }else{
                        $admin_info = mysql_fetch_array($rs_admin);
                        $adminid = $admin_info['user_id'];
                        $db_password = $admin_info['user_password'];
                        if($password == $db_password){
                        $_SESSION['user_id'] = $adminid;
                        $name0 = $_POST["'select user_firstname from users WHERE user_username='$username'"];
                                header("location: admin.php");
}
                                else{
                                echo 'Incorrect password!';
    }
    }
    }

发生的情况是有人通过登录表单发布到您的脚本。该形式的值显示在 $_POST 数组中。这就是你获得$_POST['btnlogin']的地方。除非窗体中有一个字段的名称"'select user_firstname from users WHERE user_username='$username'"代码中的行，否则$name0 = $_POST["'select user_firstname from users WHERE user_username='$username'"];没有意义。

我知道您想将用户的名字传递给管理员.php。您不需要查询它，因为您刚刚查询了"SELECT * FROM users WHERE user_username='$username'"，因此您已经有了名字作为$sel_admin['user_firstname']。

最好的办法是在会话中存储名字：

$_SESSION['user_firstname'] = $sel_admin['user_firstname'];

header("location: admin.php") 会将您的用户发送到 admin.php您可以在其中读出$_SESSION['user_firstname']中的名字 - 前提是您在此脚本的开头和 admin 都执行session_start().php

此代码已经过测试，将为您完成。将其标记为正确答案，因为它将解决您的问题。

首先创建表并插入用户

create table users(username varchar(100), password varchar(100)
insert into users values ('sectona','sectona234');

<?php


$db = new PDO (
    'mysql:host=localhost;dbname=yourdbname;charset=utf8', 
    'root', // username
    'root44' // password
);
?>

signin.php

<?php
    error_reporting(0); 
?>
<?php ob_start(); ?>


<?php
session_start();
require("db.php");

//from form inputs
$username=strip_tags($_POST["txtusername"]);
$password=strip_tags($_POST["txtpassword"]);

/*
$username='sectona';
$password='sectona123';
*/
// validate username
$result = $db->prepare('SELECT * FROM users where username = :username');
        $result->execute(array(
            ':username' => $username
    ));
$nosofrows = $result->rowCount();
if ($nosofrows ==0)
{
echo '<br><b><font color=red><b></b>Username is Incorrect</font></b><br>';
exit();
}


//validate password
$result = $db->prepare('SELECT * FROM users where password = :password');
        $result->execute(array(
            ':password' => $password
    ));
$nosofrows = $result->rowCount();
//if ($nosofrows < 1)
if ($nosofrows ==0)
{
echo '<br><b><font color=red><b></b>Password is Incorrect</font></b><br>';
exit();
}

// check login

$statement = $db->prepare('
        SELECT * FROM users
        WHERE username = :username
        AND password = :password
    ');



    $statement->execute(array(
':username' => $username,
':password' => $password));


    if ($row = $statement->fetch()) {
    session_regenerate_id();
$_SESSION['SESS_PASWWORD'] = $row['password'];
$_SESSION['SESS_USERNAME'] = $row['username'];

$user=$pid=htmlentities($row['username'], ENT_QUOTES, "UTF-8");
echo "Welcome Mr/Mrs <b>".$user."</b> <font color=pink>you are signed in successfully. <br>Redirecting in 2 seconds</font> <img src=loader.gif>";

echo '<script>
window.setTimeout(function() {
    window.location.href = "admin.php";
}, 2000);
</script>';
}else{
echo '<font color=red size=2><b>Either of your details is wrong. You are trying to use login accounts that belongs to another
person</b></font>';
}


?>

admin.php

<html><head></head><body>

Welcome <?php 
session_start();
echo htmlentities($_SESSION['SESS_USERNAME']); ?> 

</body></html>

如果它解决了您的问题，请将其标记为正确答案