我有一个登录表单。我的数据库表中有两条记录:管理员和用户。如果您以管理员身份登录,则必须转到 admin_area.php。这是行不通的,他总是以用户身份登录。 如果您登录,如果用户这有效。 脚本的第一部分不起作用并且无法运行。
有人可以帮助我吗? 提前致谢。
<?php
//first part: this is not working
session_start();
//if (isset($_POST['submit'])) {
$a_username = $_POST ['username'];
$a_password = md5( $_POST ['password']);
if($a_username == "admin" && $a_password=="intel")
{
include 'connect.php';
$sqli = "SELECT * FROM users WHERE username='$a_username' AND password='$a_password' ";
$numrows = mysqli_query($link, $sqli) or die(mysqli_error());
$username = 'username';
$password = 'password';
//Add some stripslashes
$username = stripslashes($username);
$password = stripslashes($password);
//Check if username and password is good, if it is it will start session
if ($username == $a_username && $password == $a_password)
{
$_SESSION['username'] = 'true';
$_SESSION['username'] = $username;
//Redirect to admin page
header("Location: admin_area.php");exit();
}
}
//second part: this works
$username = $_POST ['username'];
$password = md5( $_POST ['password']);
if($username&&$password)
{
include 'connect.php';
$query = "SELECT * FROM users WHERE username='$username' AND password='$password' ";
$numrows = mysqli_query($link, $query) or die(mysqli_error());
if ($numrows != 0)
{
/
while ($row = mysqli_fetch_assoc ($numrows))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
echo "you are log in <a href='user.php'>click here for contine</a>, after 4 seconds"; header('Refresh: 4;url=user.php');
$_SESSION ['username'] = $username;
}
else
echo "<h3>incorrect password, <a href='index.php'>click here</a></h3>";
}
else
die ("text");
}
else
die ("text");
//}
?>
最佳答案
$a_password = md5( $_POST ['password']);
if($a_username == "admin" && $a_password=="intel")
这个条件无效,因为
$a_password = md5( $_POST ['password'])
首先转换为md5格式,然后检查$a_password==“intel”
$a_password
现在是 md5 格式,intel
是普通字符串。为此,首先尝试匹配正常的 $a_password
就像
$a_password = $_POST ['password']
并将变量写入您的条件,如下所示
$a_password = md5( $_POST ['password'])
关于php 管理员和用户帐户不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34774552/