脚本的PHP和MySQL代码语法问题[关闭]

Question

我需要这个以便使用登录的用户 ID，并且只有该用户可以使用 PHP 从 SQL 查询中查看他/她自己的数据，而不是所有数据我可以根据请求提供更多信息

（寻找

<center>
<title>J~Net Balance Accounts</title>
 <?php 
 // Connects to your Database 
 mysql_connect("localhost", "root", "password") or die(mysql_error()); 
 mysql_select_db("messages") or die(mysql_error()); 
 $data = mysql_query("SELECT * FROM users WHERE id=$id") <<<<
 or die(mysql_error()); 
 Print "<table border cellpadding=3>"; 
 while($info = mysql_fetch_array( $data )) 
 { 
 Print "<tr>"; 
 Print "<th>User:</th> <td>".$info['user_name'] . "</td> "; 
 Print "<th>Balance:</th> <td>".$info['balance'] . " </td></tr>"; 
 } 
 Print "</table>"; 
 ?> 

Answer 1

<?php //
echo "<h3>Member Log in</h3>";
$error = $user = $pass = "";

if (isset($_POST['user'])){
    $user = sanitizeString($_POST['user']);
    $pass = sanitizeString($_POST['pass']);

    if ($user == "" || $pass == ""){
        $error = "Not all fields were entered<br />";
    }else{
        $token = md5("$pass");
        $query = "SELECT name,pass FROM users WHERE name='$user' AND pass='$token'";

        if (mysql_num_rows(queryMysql($query)) == 0){
            $error = "Username/Password invalid<br />";
        }else{

            $_SESSION['user']    = $user;
            $_SESSION['pass']    = $token;
            header("Location: index.php");
        }
    }
}

echo <<<_END
<form method='post' action='login.php'>$error
Username <input type='text' maxlength='16' name='user' value='$user' /><br />
Password <input type='password' maxlength='16' name='pass'value='$pass' /><br />
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<input type='submit' value='Login' />
</form>
_END;

这是一个要求用户名和密码的表单。登录后，它会将用户 ID 存储在 $_SESSION['user'] 中。 现在您可以在需要时在其他页面中引用此变量。