[英]Login page doesn't redirect to homepage
I have the following script:我有以下脚本:
//Possible solution for logging a user in below.
if($result = mysqli_query($db,"SELECT password FROM USERS WHERE password = '". $password ."' AND username = '". $username ."'")){
$count = $result->num_rows;
$accounttype = mysqli_query($db, "SELECT AccountType FROM USERS WHERE username ='". $username."'");
if($count>=1){
if($accounttype == "tradesmen"){
include('../html/WelcomeCustomer.html');
}
else if($accounttype == "customer"){
include('../html/WelcomeTrade.html');
}
}
else{
echo "The login credentials were incorrect";
}
}
I know there is a more than a few things wrong with this implementation in terms of security.我知道这个实现在安全性方面有很多问题。 I plan on fixing this once I have the login working.
我计划在登录后修复此问题。
For now I just wish to get the user logged in. When I run this I get a blank page, using the following accounts:现在我只想让用户登录。当我运行它时,我得到一个空白页面,使用以下帐户:
username, password, AccountType: test, test, tradesmen.
username, password, AccountType: work, work, customer.
I have error reporting turned on and I get nothing.我打开了错误报告,但什么也没得到。 What could be the reason for the script not redirecting the user?
脚本不重定向用户的原因可能是什么?
well, you're not redirecting
the control.好吧,您没有
redirecting
控件。 This statement include('../html/WelcomeCustomer.html');
该声明
include('../html/WelcomeCustomer.html');
will just include
the HTML
file rather than redirecting
to it.将只
include
HTML
文件,而不是redirecting
到它。
So you need to do following.所以你需要做以下。 also you don't need to double query the database
你也不需要双重查询数据库
$mysqli = new mysqli("localhost", "my_user", "my_password", "db_name");
$result = $mysqli->query($db,"SELECT * FROM USERS WHERE password = '". $password ."' AND username = '". $username ."'");
$count = $result->num_rows;
if($count){
$row = $result->fetch_assoc();
if($row['AccountType'] == "tradesmen"){
header('Location: ../html/WelcomeCustomer.html');
}
else if($row['AccountType'] == "customer"){
header('Location: ../html/WelcomeTrade.html');
}
}
else{
echo "The login credentials were incorrect";
}
} }
just change your include
statements I found that you're direct matching the object
inside if
condition, you need to first fetch
data and after that compare it.只需更改您的
include
语句,我发现您直接匹配if
条件中的object
,您需要先fetch
数据,然后再进行比较。
IMPORTANT重要的
at some places, you're using Object oriented style like $result->num_rows;在某些地方,您使用的是面向对象的样式,例如$result->num_rows; and at some places you're using Procedural style like mysqli_query .
在某些地方,您使用程序风格,如mysqli_query 。 So I suggest you to use one of them, I've updated my answer with Object oriented style
所以我建议你使用其中之一,我已经用面向对象的风格更新了我的答案
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.