堆栈内存溢出
  简体   繁体   English

php&MySQL-帐户登录错误

[英]php&MySQL - Account sign in error

 原文  2015-09-08 05:58:25       php/ mysql/ database

问题描述

I am thinking about making a sign in form on my website with php and MySQL. 我正在考虑使用php和MySQL在我的网站上进行登录。 I inserted some data in my database, and it's perfectly connected to the php file. 我在数据库中插入了一些数据,它完美地连接到了php文件。 But the issue is that everyone can login! 但是问题是每个人都可以登录! even if the account does not exist in the database. 即使该帐户不存在于数据库中。 

<?php

//connection_start
$mysqli = new mysqli('example','example','example','example');

//check_connection
if($mysqli->connect_error){
    die("Connection error (check_connection): " . $mysqli->connect_errno . " : " . $mysqli->connect_error );
    exit();
}

//Get_user_input
$uName = mysqli_real_escape_string($mysqli, $_POST['form_username']) ;
$uPass = mysqli_real_escape_string($mysqli, $_POST['form_password']) ;

//Verify_existance_in_db
$Q_search_username = mysqli_query($mysqli, "SELECT `username` FROM `users` WHERE `users`.`username` LIKE '$uName' ");

if($Q_search_username){
    $Q_search_passsword = mysqli_query($mysqli, "SELECT `password` FROM `users` WHERE `users`.`password` LIKE '$uPass' "); 
}else{
    echo "You are not registered yet" ;
}

//decide_in_or_not
if($Q_search_passsword){
    echo "You are in" ;
}else{
    echo "Wrong password. Access denied" ;
}

//Connection_end
$mysqli->close();

?>

Is there a way to fix my code? 有没有办法修复我的代码? any help will be highly appreciated. 任何帮助将不胜感激。

1 个解决方案

解决方案1
 0  2015-09-08 06:02:29

It seems like the problem here is with your query: 看来这里的问题出在您的查询中:

You should change this: 您应该更改此: 

`$Q_search_username = mysqli_query($mysqli, "SELECT `username` FROM `users` WHERE `users`.`username` LIKE '$uName' ");`

to this: 对此: 

`$Q_search_username = mysqli_query($mysqli, "SELECT `username` FROM `users` WHERE `users`.`username` ='$uName' ");`

same with this: 与此相同: 

$Q_search_passsword = mysqli_query($mysqli, "SELECT `password` FROM `users` WHERE `users`.`password` LIKE '$uPass'");

to this: 对此: 

$Q_search_passsword = mysqli_query($mysqli, "SELECT `password` FROM `users` WHERE `users`.`password` ='$uPass' ");

SUGGESTION: 建议:

or if you want to make it simplier you could just do your query like this: 或者,如果您想使其更简单,则可以像这样进行查询: 

$Q_search_passsword = mysqli_query($mysqli, "SELECT * FROM `users` WHERE `users`.`username` ='$uName' and  `users`.`password` ='$uPass' ");

---Just fuse the query for selecting username and password. ---只需融合用于选择用户名和密码的查询即可。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在php&mysql中纠正基数违反错误消息 - how to rectify cardinality violation error message in php&mysql 日期格式(php&mysql) - Date format (php&mysql) 使用PHP和MySQL的确认启动模态 - Confirmation Bootstrap modal using PHP&MySQL 带有分数的PHP和MySQL对接算法 - Php&MySQL Matchmaking Algorithm With Score 搜索引擎错误PHP&Mysql - Search Engine Bug PHP&Mysql php&mysql fopen无法打开文件 - php&mysql fopen cannot open the file PHP和MYSQL - 在数据库中插入数据失败 - PHP&MYSQL - Failed inserting data in database 如何在php&mysql中更正此“ SQL语法” - how to rectify this “SQL syntax” in php&mysql php&mysql查找父类别名称 - php&mysql find parent category name 删除行php&mysql动态链接 - delete row php&mysql dynamique link
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM