我已经在000webhost.com中上传了我的页面,修复了连接,但我的管理页面出现了问题。它有这个错误。
警告:mysql_real_aescape_string()要求参数1为字符串,对象在第36行/home/a8431834/public_html/admin_area/login.php中给定
下面是我的代码。
<?php
session_start();
?>
<!DOCTYPE>
<html>
<head>
<title>Login Form</title>
<link rel="stylesheet" href="styles/login_style.css" media="all" />
</head>
<body>
<div class="login">
<h2 style="color:white; text-align:center;"><?php echo @$_GET['not_admin']; ?></h2>
<h2 style="color:white; text-align:center;"><?php echo @$_GET['logged_out']; ?></h2>
<h1>Admin Login</h1>
<form method="post" action="login.php">
<input type="text" name="email" placeholder="Email" required="required" />
<input type="password" name="password" placeholder="Password" required="required" />
<button type="submit" class="btn btn-primary btn-block btn-large" name="login">Login</button>
</form>
</div>
</body>
</html>
<?php
include("includes/db.php");
if(isset($_POST['login'])){
$email = mysql_real_escape_string($con, $_POST['email']);
$pass = mysql_real_escape_string($con, $_POST['password']);
$sel_user = "select * from admins where user_email='$email' AND user_pass='$pass'";
$run_user = mysqli_query($con, $sel_user);
$check_user = mysqli_num_rows($run_user);
if($check_user==1){
$_SESSION['user_email']=$email;
echo "<script>window.open('index.php?logged_in=You have successfully Logged in!','_self')</script>";
}
else {
echo "<script>alert('Password or Email is wrong, try again!')</script>";
}
}
?>
您正在做的是将不推荐使用的mysql_与mysqli_*混合使用,因此不要使用mysql_real_escape_string,而是使用mysqli_real_escape_string()
$email = mysqli_real_escape_string($con, $_POST['email']);
$pass = mysqli_real_escape_string($con, $_POST['password']);
您可以在PHP手册上了解更多关于mysqli_real_escape_string()的信息
如果您在其他地方做过,请注意使用不推荐使用的版本。首先,使用新版本的更新这些函数