我正在学习MySQL和PHP,当前在登录过程中遇到麻烦。
成功登录后,MySQL查询似乎未返回任何行,也未重定向我。
PHP:
$error_msg = "";
//checks the session to see if the user is logged in
if (!isset($_SESSION['userid'])) {
if (!isset($_POST['submit'])) {
$dbc = mysqli_connect('localhost', 'root', '', 'login')
or die('Error Connecting to Database on the SQL Server');
//grabs data from POST
$user_username = $_POST['username'];
$user_password = $_POST['password'];
//lookup username and password in the database
if (!empty($user_username) && !empty($password)) {
$query = "SELECT userid, username FROM tuser WHERE username = '$user_username' AND password = SHA('$user_password')";
$res = mysqli_query($dbc, $query);
//login is ok so set the user ID and username cookies, redirect to homepage
if (mysqli_num_rows($res) == 1) {
$row = mysqli_fetch_array($res);
$_SESSION['userid'] = $row['userid'];
$_SESSION['username'] = $row['username'];
setcookie('userid', $row['userid'], time() + (60 * 60 * 24 * 30), "/");
setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30), "/");
setcookie('email', $row['email'], time() + (60 * 60 * 24 * 30), "/");
setcookie('password', $row['password'], time() + (60 * 60 * 24 * 30), "/");
//redirect after successful login
header("Location: index.php");
} else {
//the username and password are incorrect so set error message
$error_msg = 'Sorry, you must enter a valid username and password to log in. <a href="Signup.php">Please sign up!</a>';
}
}
}
}
HTML:
<form action="login_process.php" method="post" class="login">
Username: <input type="text" name="username"/>
Password: <input type="password" name="password"/>
<input type="submit" value="submit"/>
</form>
对不起,我对PHP和MySQL都很熟悉,并且自学如何做到这一点。我进行了一些更改,然后代码提交了,但是它没有重定向我,它只是进入了login_process.php而没有执行任何操作。我想念什么?我感谢所有帮助,谢谢大家!
<?
session_start();
$error_msg = "";
//checks the session to see if the user is logged in
if (!isset($_SESSION['user_id']))
{
if (isset($_POST['submit']))
{
$user_username = mysql_real_escape_string($_POST['username']);
$user_password = mysql_real_escape_string($_POST['password']);
$dbc = mysqli_connect('localhost', 'root', '', 'login')
or die('Error Connecting to Database on the SQL Server');
//grabs data from POST
//lookup username and password in the database
if (!empty($user_username) && !empty($password))
{
$query = "SELECT userid, username FROM tuser WHERE username = '$user_username' AND password = SHA('$user_password')";
$res = mysqli_query($dbc, $query);
//login is ok so set the user ID and username cookies, redirect to homepage
if (mysqli_num_rows($res) == 1)
{
$row = mysqli_fetch_array($res);
$_SESSION['user_id'] = $row['userid'];
$_SESSION['user'] = $row['username'];
setcookie('userid', $row['userid'], time() + (60 * 60 * 24 * 30), "/");
setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30), "/");
setcookie('email', $row['email'], time() + (60 * 60 * 24 * 30), "/");
setcookie('password', $row['password'], time() + (60 * 60 * 24 * 30), "/");
//redirect after successful login
header("Location: home.php");
echo mysqli_error($dbc);
}
else
{
//the username and password are incorrect so set error message
$error_msg = 'Sorry, you must enter a valid username and password to log in. <a href="Signup.php">Please sign up!</a>';
header("Location: home.php");
echo mysqli_error($dbc);
}
}
else
{
$error_msg = 'Please enter a username and password to log in. <a href="Signup.php">Please sign up!</a>';
header("Location: home.php");
echo mysqli_error($dbc);
}
}
}
?>
最佳答案
我不确定这是否就是所有代码,但是必须先session_start()
才能访问$_SESSION
除非未设置帖子,否则您的代码仅查询,因此请更改它:
if (isset($_POST['submit'])) {
//your code
}
另外,请确保转义用户输入以防止sql注入:
$user_username = mysql_real_escape_string($_POST['username']);
确保这不是您的SQL错误:
echo mysqli_error($dbc);
关于php - PHP和MySQL登录查询,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10956308/