将输入与两个表进行比较
[英]Comparing the input with two table
问题描述
I have a LOGIN PAGE which has one table in my database which is members include ID, PASSWORD, USER_TYPE. 
我有一个登录页面,该页面在我的数据库中有一个表,该表的成员包括ID,PASSWORD,USER_TYPE。 I want my login page that when users enter their ID and password go to the website based on who they are. 我希望我的登录页面能够在用户输入其ID和密码时根据其身份访问该网站。 (If they are students go to student's page) (If they are organizer go to organizer's page). (如果是学生,请转到学生页面)(如果是组织者,请转到组织者页面)。
I can't get the result from coding below: 我无法从下面的编码中得到结果:
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$user="admin";
$pass="neehahs";
$host="localhost";
$db="login";
$con=mysqli_connect($host,$user,$pass,$db);
if(mysqli_connect_errno($con)){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$username=($_POST['username']);
$password=md5($_POST['password']);
$username = mysqli_real_escape_string($con,$username);
$password = mysqli_real_escape_string($con,$password);
$sql="SELECT * FROM members WHERE student_id='%$username%' AND student_pass='%$password%'";
$sqldata=mysqli_query($con,$sql)
or die ("error");
while ($row=mysqli_fetch_array($sqldata)){
if($row["user_type"]=='student'){
header('location: http://localhost/greenstudio/index.html');
}
elseif
($row["user_type"]=='organizer'){
header('location: http://localhost/greenstudio/index2.html');
}else {
echo"Sorry, your credentials are not valid, Please try again.";
}
}
exit();
}
?>
1 个解决方案
解决方案1
0 已采纳 2013-11-22 18:01:19
You should have a table similar to: 您应该有一个类似于以下内容的表:
Table: users
--------+----------+----------+----------
user_id | username | password | user_type
--------+----------+----------+----------
1 | admin | neehahs | organizer
2 | student1 | mypass | student
And then you can write a query like: 然后,您可以编写如下查询:
SELECT
user_type
FROM
users
WHERE
BINARY username='$username' AND
BINARY password='$password'
Then your if:else if:else statement would just redirect on whether the return was student or organizer; 然后,您的if:else if:else语句将仅重定向返回的内容是学生还是组织者。 and no returned rows would equal invalid log in. 并且没有返回的行等于无效的登录。
Note: use BINARY comparisons with log ins to ensure that usernames are entered case sensitive and you should use some kind of encryption on your password field md5 at the very least but stronger encryption is highly recommended 注意:对登录使用BINARY比较以确保输入的用户名区分大小写,并且至少应在密码字段md5上使用某种加密方式,但强烈建议使用更强的加密方式
Edit: here is how I would write this logic: 编辑:这是我将如何编写此逻辑:
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST"){
$user="admin";
$pass="neehahs";
$host="localhost";
$db="login";
$con=mysqli_connect($host,$user,$pass,$db);
if(mysqli_connect_errno($con)){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$username=($_POST['username']);
$password=md5($_POST['password']);
$username = mysqli_real_escape_string($con,$username);
$password = mysqli_real_escape_string($con,$password);
$sql="SELECT user_type FROM members WHERE BINARY student_id='$username' AND BINARY student_pass='$password'";
$sqldata=mysqli_query($con,$sql) or die ("error");
$row = mysqli_fetch_array($sqldata);
if(is_null($row) || mysqli_num_rows($sqldata)!=1){
echo "Sorry, your credentials are not valid or matches more than 1 user, Please try again.";
} else if(isset($row["user_type"])){
if($row["user_type"]=='student'){
header('location: http://localhost/greenstudio/index.html');
} else if($row["user_type"]=='organizer'){
header('location: http://localhost/greenstudio/index2.html');
} else {
echo "User type was returned as not student nor organizer.";
}
} else {
echo "Sorry, user_type was not returned in the dataset retrieved from the database.";
}
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.