堆栈内存溢出
  繁体   English   中英

检查登录表单时出现问题

[英]problems in checking login form

 原文  2012-11-01 10:26:58       php/ sql/ login-script

问题描述

我不知道为什么php忽略if语句并且它不执行检查, 

    <?php
   require 'default.php';
   if(isset($_POST['submit'])){
      $username = $_POST['username'];
      $password = $_POST['password'];
      $username = stripslashes($username);
      $password = stripslashes($password);
      $username = mysql_real_escape_string($username);
      $password = mysql_real_escape_string($password);
      if (mysql_num_rows(mysql_query("SELECT `username` FROM `users` WHERE `username`='$username'"))==1
         && mysql_num_rows(mysql_query("SELECT `password` FROM `users` WHERE `password`='$password'"))==1){
          echo 'you Have logged in successfully';
         }else{
             echo 'Incorrect username or password had been entered!';
            }
   }

?>

2 个解决方案

解决方案1
 3  2012-11-01 10:29:28

如果一个用户拥有提供的用户名而另一个用户提供了密码怎么办? 它登录?

请以这种方式更改您的代码: 

if (mysql_num_rows(mysql_query("SELECT `username` FROM `users` WHERE `username`='$username' AND `password`='$password'"))==1)

解决方案2
 -1  2012-11-01 10:35:20

mysql_num_rows()可能返回超过1的值,可能是? 

<?php
require 'default.php';
if(isset($_POST['submit'])) {
  $username = $_POST['username'];
  $password = $_POST['password'];
  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  if (
    mysql_num_rows(mysql_query("SELECT `username` FROM `users` WHERE `username`='$username' LIMIT 0,1"))==1
    &&
    mysql_num_rows(mysql_query("SELECT `password` FROM `users` WHERE `password`='$password' LIMIT 0,1"))==1
  ) {
    echo 'you Have logged in successfully';
  }
  else {
    echo 'Incorrect username or password had been entered!';
  }
}

?>

或者使用> 0代替。 

<?php
require 'default.php';
if(isset($_POST['submit'])) {
  $username = $_POST['username'];
  $password = $_POST['password'];
  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  if (
  mysql_num_rows(mysql_query("SELECT `username` FROM `users` WHERE `username`='$username'")) > 0
  &&
  mysql_num_rows(mysql_query("SELECT `password` FROM `users` WHERE `password`='$password'")) > 0
  ) {
    echo 'you Have logged in successfully';
  }
  else {
    echo 'Incorrect username or password had been entered!';
  }
}

?>

或者这样简单...... 

<?php
require 'default.php';
if(isset($_POST['submit'])) {
  $username = $_POST['username'];
  $password = $_POST['password'];
  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  if (intval(mysql_result(mysql_query(sprintf("SELECT COUNT(*) AS found FROM `users` WHERE `username`='%s' AND `password`='%s'",$username,$password)),0)) > 0 ) {
    echo 'you Have logged in successfully';
  }
  else {
    echo 'Incorrect username or password had been entered!';
  }
}
?>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP会话问题-检查登录 PHP登录表单问题 登录和登录表单问题 使用Jsoup提交登录表单时出现问题 简单登录表单的问题-PHP 根据mysql数据库检查php登录表单 从表单检查登录名,然后重定向到另一个页面 wp_login_form 身份验证问题 PHP的登录表格密码无效的消息问题 PHP / SQL登录表单有问题
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM