开发者

SQL result doesn't work when reassigned

问答 作者:

The code:

  $msr = db_query("SELECT * FROM users WHERE username='$username'");
  if (db_num_rows($msr) == 0)
      return null;

When

function db_query($query) { return mysql_query($query) or die(mysql_error() . " when querying: $query"); }
function db_num_rows($queres) { return mysql_num_rows($queres) or die(mysql_error()); }

Shows error: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource

When I replace "db_" with "mysql_" everything works perfectly. Is there 开发者_运维技巧a way to fix this?

See "Creating a php function to return mysql results" here on SO.

function db_query($query) { 
  $result = mysql_query($query) or die(mysql_error()." when querying: $query"); 
  return $result;
}

// etc

Apart from that, you should absolutely not do 

$msr = db_query("SELECT * FROM users WHERE username='$username'");

for security reasons. This is wide open for SQL injection attacks, see XKCD 327. Use parametrized SQL statements instead.

继续阅读:php

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9