What is the problem with mysqli_fetch

H

happyer2018-04-02 18:19:56

PHP

happyer, 2018-04-02 18:19:56

What is the problem with mysqli_fetch_array?

Hello
, There was such a problem.

I load a php file via ajax, and the connection with this file is correct

$.post( 
   "путь", 
   data, 
   function onAjaxSuccess(data){
       alert(data);
   },
)

and the php file itself looks like this

if(isset($_POST["login"])){

    $login=$_POST["login"];

    $res = "SELECT * FROM `profiles` WHERE `login`= $login";
    $sql = mysqli_query($dbConnect, $res);

    while($row=mysqli_fetch_array($sql)) {
        print_r($row);
        $loginDb=$row[1];//логин находится во втором стобце
        echo $loginDb;
    }



    if(!isset($loginDb)){
        echo $loginDb;
        echo "loginDb=false";
    }
    else{
        echo "loginDb=true";
    }
}

as a result, after the script is enabled, a message is displayed that there is no such login, although it exists in the database

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

K

KTF, 2018-04-04
@KTF

Once you've figured out the problem, dump your SQL injection code and rewrite everything in PDO using prepared queries .