<?php
require_once("!cache.php");
$connection = mysqli_connect ('localhost', 'twa137', 'twa137hu', 'westernhotel137');
if(!$connection) {
die("connection failed: " . mysqli_connect_error());
}
$username="";
$password="";
$usmg="";
$pasmg="";
$logincorrect = "";
if (isset($_POST["submit"])) {
// Here we only validate that username and password are not empty.
$username = $_POST["username"];
if (empty($username)) $usmg = '<span class="error"> This field is mandatory. Please enter staff ID.</span>';
$password = $_POST["password"];
if (empty($password)) $pasmg = '<span class="error"> This field is mandatory. Please enter password.</span>';
if (strlen($usmg)==0 && strlen($pasmg)==0) {
// sanitize them before passing to database
$username = mysqli_real_escape_string($connection, $username);
$password = mysqli_real_escape_string($connection, $password);
$sql = "select username, password from customers where username = '$username' and password = '$password'";
$rs = mysqli_query($connection, $sql)
or die("Error when looking up username and password" . mysqli_error($connection));
if (mysqli_num_rows($rs) > 0 ) {
// username and password correct
session_start();
$_SESSION["who1"] = $username;
$_SESSION["password"] = $password;
mysqli_close($connection);
$logincorrect = true;
header("location: browse.php");
}
mysqli_close($connection);
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Login</title>
<style type="text/css">
input[type="text"] {
border: 2px solid black;
}
.error {
color:red;
}
</style>
</head>
<body>
<h2>Login page </h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post">
<p>
Admin name: <input type="text" name="username" value="<?php echo htmlspecialchars($username) ?>" />
<?php echo $usmg; ?>
</p>
<p>
Password: <input type="password" name="password" value="<?php echo htmlspecialchars($password) ?>" />
<?php echo $pasmg; ?>
</p>
<p>
<input type="submit" value="Submit" name="submit"/>
</p>
<p>
<input type="reset" value="Reset" name="reset"/>
</p>
</form>
<?php
if (isset($_POST['submit']) && !$logincorrect) {
echo "<p> <span class='error'>Login details incorrect. Please try again!</span></p>";
}
?>
</body>
</html>
我需要检查该值是否存在,如果存在,它将重定向到另一个页面,但是当我尝试测试我的输入时,它总是显示登录详细信息不正确,即使该值存在于数据库中
最佳答案
<?php
session_start();
?><html>
<head>
<style type="text/css">
input{
border:1px solid olive;
border-radius:5px;
}
h1{
color:darkgreen;
font-size:22px;
text-align:center;
}
</style>
</head>
<body>
<h1>Login<h1>
<form action='' method='post'>
<table cellspacing='5' align='center'>
<tr><td>User name:</td><td><input type='text' name='username'/></td></tr>
<tr><td>Password:</td><td><input type='password' name='password'/></td></tr>
<tr><td></td><td><input type='submit' name='submit' value='Submit'/></td></tr>
</table>
</form>
<?php
if(isset($_POST['submit']))
{
$connection=mysqli_connect('localhost','twa137','twa137hu','westernhotel137');
$username=$_POST['username'];
$password=$_POST['password'];
if($username!=''&&$password!='')
{
$query=mysqli_query($connection,"select * from login where username='".$username."' and password='".$password."'");
$res=mysqli_num_rows($query);
if($res>0)
{
$_SESSION["username"] = $username;
header('location:browse.php');
}
else
{
echo'You entered username or password is incorrect';
}
}
else
{
echo'Enter both username and password';
}
}
?>
</body>
</html>
关于php - 检查数据库中是否存在值以及是否使用 php 重定向到页面,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37560875/