[英]having trouble with a admin login form
我目前正在为网站制作管理员登录表单,但问题是,每当我尝试提交表单时,它都会自动接受该表单,并且如果我输入错误的值或不显示无效凭据的错误消息,一点都没有
<?php require_once('dbadmin.php');?>
<?php
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
if(isset($_POST['adminlogin'])) {
$username = trim($_POST['user']);
$password = md5(trim($_POST['password'])); // wrap the trim() function with md5() function
$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$result = mysqli_query($connect, $sql) or die("Invalid query: ".mysql_error());
if(mysql_num_rows($result)==0) {
$confim = '<h2 style="color:red;">Invalid Credentials!</h2>';
} else {
$_SESSION['user'] = $username;
$confirm = '<h2> Login Successful</h2>';
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title> website</title>
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<header><img src="images/eastersealsclevelogo.png" alt="Easter Seals Logo" width="445" height="300"/> </header>
<nav>
<ul>
<li><a href="index.html" class="current">Home</a></li>
<li><a href="signup.php" class="current">Run Sign-Up</a></li>
<li><a href="refer.php" class="current">Refer-a-Friend</a></li>
</ul>
</nav>
<h1>Enter Your Login Information</h1>
<?php if(isset($confirm)) echo $confirm; ?>
<form method="post" name="adminlogin" id="adminlogin" title="adminlogin" action="admin_login.php">
<p>User: <br> <input type="text" name="user"></p>
<p>Password: <br><input type="password" name="password"></p>
<p><input type="submit" name="adminlogin" id="adminlogin" value="Login"></p>
</form>
</p>
<footer></footer>
</body>
</html>
错误,我现在不断得到警告:mysqli_query()期望参数1为mysqli,在第10行的filepath / admin_login.php中给出的资源无效查询:
该查询是硬编码的,因此,如果您的用户名为“ username”,密码为“ password”,则SELECT总是会找到它。
$sql = "SELECT * FROM users WHERE username = 'username' AND password = 'password'";
替换为:
$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
不要使用mysql函数,因为它们已被弃用,请使用mysqli或PDO 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.