stackoom
  简体   繁体   中英

having trouble with a admin login form

 原文  2015-12-10 05:00:55       php/ forms/ login

Question

I am currently working on making a admin login form for a website I am making the problem is that whenever I try and submit the form it automatically accepts it and doesn't not display the error message for invalid credentials if I enter the wrong value or nothing at all 

<?php require_once('dbadmin.php');?>
<?php
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
if(isset($_POST['adminlogin'])) {
    $username = trim($_POST['user']);
    $password = md5(trim($_POST['password'])); // wrap the trim() function with md5() function
    $sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
    $result = mysqli_query($connect, $sql) or die("Invalid query: ".mysql_error());
    if(mysql_num_rows($result)==0) {
        $confim = '<h2 style="color:red;">Invalid Credentials!</h2>';
    } else {
        $_SESSION['user'] = $username;
        $confirm = '<h2> Login Successful</h2>';
    }
}
?>
<!DOCTYPE html>
<html lang="en">
    <head>
    <meta charset="UTF-8">
    <title> website</title>
    <link rel="stylesheet" type="text/css" href="css/style.css" />
    </head>
    <body>
      <header><img src="images/eastersealsclevelogo.png" alt="Easter Seals Logo" width="445" height="300"/> </header>
      <nav>
         <ul>
           <li><a href="index.html" class="current">Home</a></li>
           <li><a href="signup.php" class="current">Run Sign-Up</a></li>
           <li><a href="refer.php" class="current">Refer-a-Friend</a></li>
         </ul>
      </nav>
    <h1>Enter Your Login Information</h1>
    <?php if(isset($confirm)) echo $confirm; ?> 
       <form method="post" name="adminlogin" id="adminlogin" title="adminlogin" action="admin_login.php">
    <p>User: <br> <input type="text" name="user"></p>
    <p>Password: <br><input type="password" name="password"></p>
    <p><input type="submit" name="adminlogin" id="adminlogin" value="Login"></p>
</form>
    </p>
    <footer></footer>
   </body>

</html>

error i keep getting now Warning: mysqli_query() expects parameter 1 to be mysqli, resource given in filepath/admin_login.php on line 10 Invalid query:

1 answers

solution1
 0 ACCPTED  2015-12-10 05:04:56

The query is hard-coded, so if you have a username of 'username' with a password of 'password', the SELECT will always find it. 

$sql = "SELECT * FROM users WHERE username = 'username' AND password = 'password'";

replace it to: 

$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";

Don't use the mysql functions because they have been deprecated, use mysqli or PDO .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Having trouble with php login page issues having an additional admin login Admin login form admin and user login form having issue in login form? Having trouble with my contact form Magento2 installation trouble admin login trouble in curl in order to login into a form Having trouble with custom login flow in Symfony 2 Having trouble with PHP project login Issue
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM