[英]i am trying to make admin and login page
this is my database:-lecturer table:-members 这是我的数据库:-讲师表:-成员
username password status
admin admin 1
user user 0
this is my checklogin.php
这是我的checklogin.php
<html>
<body>
<table>
<?php
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="password"; // Mysql password
$db_name="lecturer"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' and status='1'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1) {
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_session["myusername"] = "myusername";
$_session["mypassword"] = "mypassword";
$info = mysql_fetch_array($result);
if($info['status'] == 1) {
header("location:webpage.php");
} else
header("location:lecturer.php");
} else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
<th><a href="main_login.php?pressed=back">Back</a></th>
</table>
</body>
</html>
what i am trying to is when the system check the status is '1' if will lead to webpage.php
which is admin and if the status is '0' it will lead to lecturer.php
which is user 我正在尝试的是当系统检查状态为'1'时是否会导致webpage.php
为管理员,而状态为'0'时将导致为lecturer.php
webpage.php
是用户
but when i enter admin and user it kept entering webpage.php 但是当我输入admin和user时,它一直输入webpage.php
the problem is when i enter user it still lead to webpage.php i wanted it to redirect it to lecturer.php
问题是当我输入用户时仍然会导致webpage.php,我希望它将其重定向到lecturer.php
.php
can anybody state what is the mistake that i have done thank you very much 有人可以说我做的错误是什么吗?
try this.... remove the and status='1' from your query, only pass the parameters with Username and Password when getting result from query then check from status is login user is ADMIN or User then proceed. 尝试这个...。从查询中删除and status ='1',仅在从查询中获取结果时传递带有用户名和密码的参数,然后从状态中检查登录用户是ADMIN还是用户,然后继续。
<html>
<body>
<table>
<?php
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="password"; // Mysql password
$db_name="lecturer"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_session["myusername"] = "myusername";
$_session["mypassword"] = "mypassword";
$info = mysql_fetch_array($result);
if($info['status'] === 1){
header("location:webpage.php");
}
else
header("location:lecturer.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
<th><a href="main_login.php?pressed=back">Back</a></th>
</table>
</body>
</html>
You are checking status in query itself as status = 1
. 您正在检查查询本身中的status = 1
为status = 1
。 Then it always return the result with status = 1. So you will be redirected to webpage.php. 然后,它总是返回状态= 1的结果。因此,您将被重定向到webpage.php。
Remove condition status = '1' in your query. 在查询中删除条件状态=“ 1”。
if you want to perform action according to you status remove checking in query status=1
and also use Limit 1 when you know that there will be only one row can be fetch. 如果要根据状态执行操作,请删除查询status=1
并在知道只能提取一行时使用限制1。 it will reduce your processing time as well when your large no of records in table. 当表中没有大量记录时,它也将减少您的处理时间。
So use the code as below 因此,使用如下代码
<?php
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="password"; // Mysql password
$db_name="lecturer"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' LIMIT 1 ";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_session["myusername"] = "myusername";
$_session["mypassword"] = "mypassword";
$info = mysql_fetch_array($result);
if($info['status'] == 1){
header("location:webpage.php");
exit;
}
else
header("location:lecturer.php");
exit;
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
<html>
<body>
<table>
<th><a href="main_login.php?pressed=back">Back</a></th>
</table>
</body>
</html>
Remember : User exit if you transfering to another page using header 'loacation'. 切记:如果您使用标题“位置”转移到另一个页面,则用户退出。 after call this. 打电话后
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.