登录页面似乎无法正常工作。它不会验证用户表上的用户名和密码,因此不允许登录。
PHP
if(isset($_POST['submit']))
{
$userName=$_POST['userName'];
$passWord=$_POST['passWord'];
$result=mysqli_query($con,"select *from Users where `userName` ='$userName' and `passWord` ='$passWord'");
if($result)
{
//echo "Successfully deleted".$id;
$count=mysqli_num_rows($result);
//echo $count;
}
if($count==1)
{
$_SESSION['username']=$username;
$_SESSION['passWord']=$passWord;
header("location:users.php");
}
else
{
header("location:index.php");
}
}
?>
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link href="index.css" rel="stylesheet" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Sign in</title>
</head>
<body>
<div id="signin">
[ <a href="signup.php">Sign Up</a> ]
[ <a href="signin.php">Sign In</a> ]
</div>
<div id="clear"></div>
<div class="navbar">
<ul>
<li><a href="concerts.php" target="_self">Concert</a></li>
<li><a href="restaurants.php" target="_self">Restaurant</a></li>
<li><a href="sports.php" target="_self">Sports</a></li>
</ul>
</div>
<form name="signin" method="post" action="signin.php" id="form">
Member Login <br /><br />
Username<input name="userName" type="text"><Br />
Password</td><input name="passWord" type="password"><br /><br />
<input type="submit" name="submit" value="submit">
</form>
</body>
</html>
此代码没有从用户表中获取 id_cust 来存储在 $id 中 它从登录页面获取正确的用户名
<?php
$result=mysqli_query($con, "select * from Users where `userName` ='$userName'");
$row = mysqli_fetch_array($result);
$id = $row['id_cust'];
最佳答案
尝试将代码更改为以下内容。
if($result)
{
//echo "Successfully deleted".$id;
$count=mysqli_num_rows($result);
//echo $count;
if($count==1)
{
$_SESSION['userName']= $userName;
$_SESSION['passWord'] = $passWord;
header("location:users.php");
}
else
{
header("location:index.php");
}
}
关于php mysql 不检查用户表上的用户名和密码,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23186399/