关于PHP文件里的SQL无法执行的问题,求大神给解释下 是哪里存在问题,SQL在mysql里执行的话是没问题的
<?phprequire_once("/config.php");session_start();if(!empty($_POST["security"])){if($_...
<?php
require_once("/config.php");
session_start();
if(!empty($_POST["security"])){
if($_SESSION["security"] != $_POST["security"]) { $errors[] = "输入无效. 请重试."; }
}
$security = rand(10000, 100000);
$_SESSION["security"] = $security;
if(!empty($_POST["accountname"]) && !empty($_POST["password"]) && !empty($_POST["charactername"]) && !empty($_POST["security"]))
{
$mysql_connect = mysqli_connect($mysql["host"], $mysql["username"], $mysql["password"]) or die("无法链接数据库.");
mysqli_select_db($mysql_connect, $mysql["characters"]) or die("无法链接服务器数据库.");
$post_accountname = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["accountname"])));
$check_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM auth.account WHERE username = '".$post_accountname."'");
$check_results = mysqli_fetch_array($check_query);
if($check_results[0]==0){ $errors[] = "账户不存在.请重试."; }
$post_password = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["password"])));
$post_password_final = mysqli_real_escape_string($mysql_connect, SHA1("".$post_accountname.":".$post_password.""));
$check_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM auth.account WHERE sha_pass_hash = '".$post_password_final."'");
$check_results = mysqli_fetch_array($check_query);
if($check_results[0]==0){ $errors[] = "密码错误.请重试."; }
$post_charactername = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["charactername"])));
$check_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM characters.characters,auth.account WHERE characters.characters.`name` = '".$post_charactername."' AND characters.characters.account = auth.account.id AND auth.account.username = '".$post_accountname."'");
$check_results = mysqli_fetch_array($check_query);
if($check_results[0]==0){ $errors[] = "角色名不存在,或账户与角色不匹配.请重试."; }
if(!is_array($errors)){
mysqli_query($mysql_connect, "DELETE character_spell,character_classless FROM character_spell,character_classless,characters.characters WHERE characters.name = '".$post_accountname."' AND character_spell.guid = characters.guid AND character_classless.guid = characters.guid;") or die(mysqli_error($mysql_connect));
$errors[] = '<h2>成功重置账号<font color="red">'.$post_accountname.'</font>下角色:<font color="blue">'.$post_charactername.'</font>的天赋及技能</h2>.';
}
mysqli_close($mysql_connect);
}
function error_msg(){
global $errors;
if(is_array($errors)){
foreach($errors as $msg){
echo '<div class="errors">'.$msg.'</div>';
}
}
}
?> 展开
require_once("/config.php");
session_start();
if(!empty($_POST["security"])){
if($_SESSION["security"] != $_POST["security"]) { $errors[] = "输入无效. 请重试."; }
}
$security = rand(10000, 100000);
$_SESSION["security"] = $security;
if(!empty($_POST["accountname"]) && !empty($_POST["password"]) && !empty($_POST["charactername"]) && !empty($_POST["security"]))
{
$mysql_connect = mysqli_connect($mysql["host"], $mysql["username"], $mysql["password"]) or die("无法链接数据库.");
mysqli_select_db($mysql_connect, $mysql["characters"]) or die("无法链接服务器数据库.");
$post_accountname = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["accountname"])));
$check_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM auth.account WHERE username = '".$post_accountname."'");
$check_results = mysqli_fetch_array($check_query);
if($check_results[0]==0){ $errors[] = "账户不存在.请重试."; }
$post_password = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["password"])));
$post_password_final = mysqli_real_escape_string($mysql_connect, SHA1("".$post_accountname.":".$post_password.""));
$check_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM auth.account WHERE sha_pass_hash = '".$post_password_final."'");
$check_results = mysqli_fetch_array($check_query);
if($check_results[0]==0){ $errors[] = "密码错误.请重试."; }
$post_charactername = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["charactername"])));
$check_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM characters.characters,auth.account WHERE characters.characters.`name` = '".$post_charactername."' AND characters.characters.account = auth.account.id AND auth.account.username = '".$post_accountname."'");
$check_results = mysqli_fetch_array($check_query);
if($check_results[0]==0){ $errors[] = "角色名不存在,或账户与角色不匹配.请重试."; }
if(!is_array($errors)){
mysqli_query($mysql_connect, "DELETE character_spell,character_classless FROM character_spell,character_classless,characters.characters WHERE characters.name = '".$post_accountname."' AND character_spell.guid = characters.guid AND character_classless.guid = characters.guid;") or die(mysqli_error($mysql_connect));
$errors[] = '<h2>成功重置账号<font color="red">'.$post_accountname.'</font>下角色:<font color="blue">'.$post_charactername.'</font>的天赋及技能</h2>.';
}
mysqli_close($mysql_connect);
}
function error_msg(){
global $errors;
if(is_array($errors)){
foreach($errors as $msg){
echo '<div class="errors">'.$msg.'</div>';
}
}
}
?> 展开
1个回答
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
