我试图使它,如果他们的IP是在数据库中,然后他们不能发送电子邮件。在php54_errors文件中,它说
[30-Dec-2012 18:25:26 Europe/Dublin] PHP Warning: mysql_num_rows() expects parameter 1 to be resource, string given in C:'inetpub'wwwroot'Submit.php on line 6
[30-Dec-2012 18:25:26 Europe/Dublin] PHP Warning: mysql_num_rows() expects parameter 1 to be resource, null given in C:'inetpub'wwwroot'Submit.php on line 7
我的PHP代码如下
<?php
include("connect.php");
mysql_select_db("ip", $con);
$ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
$query = "SELECT * FROM ip WHERE ip='$ip'";
$result = mysql_num_rows($query);
if (mysql_num_rows($result) > 0) {
echo "You have already registered!";
}
else {
echo"Your request has been sent!";
$to = "admin@prisoneternity.org.uk";
$subject = "Guard Application";
$from = "guardapplication@prisoneternity.org.uk";
$headers = "From:" . $from;
$message = "IGN = " . $_POST["Username"] . "</br>'n'nage = " . $_POST["age"] . "</br>'n'nreason = " . $_POST["reason"] . "</br>'n'nHow many times have they been guard = " . $_POST["guard"] . "</br>'n'nOther Details = " . $_POST["text"];
mail($to,$subject,$message,$headers);
header ("Location: index.php?email=yes");
session_start();
mysql_query("INSERT INTO ip (IP) VALUES ('$ip')");
}
?>
$result = mysql_num_rows($query);
if (mysql_num_rows($result) > 0) {
$result = mysql_query($query);
if (mysql_num_rows($result) > 0) {
您没有运行mysql_query(),而是两次调用mysql_num_rows()。简单的事故=o)顺便说一句,你应该使用PDO或MySQLi。
:
echo"Your request has been sent!";
$to = "admin@prisoneternity.org.uk";
$subject = "Guard Application";
$from = "guardapplication@prisoneternity.org.uk";
$headers = "From:" . $from;
$message = "IGN = " . $_POST["Username"] . "</br>'n'nage = " . $_POST["age"] . "</br>'n'nreason = " . $_POST["reason"] . "</br>'n'nHow many times have they been guard = " . $_POST["guard"] . "</br>'n'nOther Details = " . $_POST["text"];
mail($to,$subject,$message,$headers);
header ("Location: index.php?email=yes");
session_start();
mysql_query("INSERT INTO ip (IP) VALUES ('$ip')");
$to = "admin@prisoneternity.org.uk";
$subject = "Guard Application";
$from = "guardapplication@prisoneternity.org.uk";
$headers = "From:" . $from;
$message = "IGN = " . $_POST["Username"] . "</br>'n'nage = " . $_POST["age"] . "</br>'n'nreason = " . $_POST["reason"] . "</br>'n'nHow many times have they been guard = " . $_POST["guard"] . "</br>'n'nOther Details = " . $_POST["text"];
mail($to,$subject,$message,$headers);
//header ("Location: index.php?email=yes");
session_start();
echo"Your request has been sent!";
mysql_query("INSERT INTO ip (IP) VALUES ('$ip')");
你不能回显header()或session_start()之前的内容,也不会看到回显的文本,因为你正在做一个重定向。你需要选择你想做哪一个。我注释掉了上面的header(),但你可以做相反的事情。另外,请确保您清除了'r和'n字符的所有$_POST值,以防止邮件头注入攻击。
在第二行,mysql_num_rows返回一个整数,因为$result变量已经调用了该函数,如果这有意义的话。改成这样:
$result = mysql_num_rows($query);
if ($result > 0) {
同时,您没有运行查询:
$query = "SELECT * FROM ip WHERE ip='$ip'";
把上面的行改成:
$query = mysql_query("SELECT * FROM ip WHERE ip='$ip'");
另一方面,mysql_*函数已弃用。我会切换到PDO或MySQLi -示例可以在PHP手册中找到。