{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Animai°情兽 的问题《SQL works in php admin but returns empty result in》','https://www.manongdao.com/q-1099278.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Here is my code:
$usersql = "Select fab2_type from feesys_admin where adminname ='$_POST[username]' and adminemail = '$_POST[password]'";
$userresult = mysql_query($usersql) or die ("<h3>Error in query: $query. ".mysql_error()."</h3>");
$num_rows = mysql_num_rows($userresult);
if($num_rows > 0) {
if($userresult['fab2_type']=='Partner'){
}
When I run the SQL statement on the database through PHP Admin, it works fine. But it returns empty within the results here.
I checked to make sure the database connects fine. I checked all spelling Number of rows returns correctly. No syntax errors. When I echo the username and password and the sql statement, it's all correct.
This code used to work so I have no idea what's going wrong here.
It is because you have not quoted your
$_POSTarray variables properly. You have$_POST[username]and$_POST[password]. It should be$_POST['username']and$_POST['password']. This causes PHP to interpret username and password as constants.Here is a different shot at your syntax -
You could further shorten this by predefining (as Fred says below).
You're very at risk for SQL injection if you don't clean up user input.
Password related
I noticed you may be storing passwords in plain text. If this is the case, it is highly discouraged.
I recommed you use CRYPT_BLOWFISH or PHP 5.5's
password_hash()function.For PHP < 5.5 use the
password_hash() compatibility pack.Plus, in regards to SQL injection, use
mysqliwith prepared statements, or PDO with prepared statements, they're much safer.