Home > Article > Backend Development > unknown column field list解决方案
unknown column field list解决方案
- WBOYOriginal
- 2016-06-13 13:15:371339browse
unknown column field list
- PHP code
<!--
Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/
-->
if (empty($username)) {$error[]='Username cannot be empty.';}
$query='select user_name from user where user_name="' . $username . '"';
$result=mysql_query($query) or die(mysql_error($db));
if (mysql_num_rows($result)>0) {$error[]='Username has already been used.'; $username='';}
这个是我的代码,出错信息:Unknown column 'tchen13' in 'field list'
tchen13是我post过来的变量
------解决方案--------------------
$query='select user_name from user where user_name="' . $username . '"';
die($query);
第一步,你确定没有别人也在使用,存在注入可能性,也就是你那个username变量里面包含注释加sql语句!
第二步,你确定,同页面没有再查询数据库的地方,因为tchen13是你传过来的变量,也不该搞到字段上去
第三步,输出query语句查看内容是否符合你的期待,看清了,楼上说几次了,你老说是传变量值,如果真是正确值那就不是这句错误,总能证明点东西的,自已动手试试,输出那句SQL语句!
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article: thinkphp模型过滤查询字段,表达式步骤 Next article: : windows 2003 PHP 提示 No input file specified