[英]Connection Failure on login PHP
我的任何一方都不了解此代碼的問題! 它確實起作用了,現在卻沒有了。 我無法登錄到“個人資料頁面”,任何人都可以看到並發出?
<?php
session_start();
$error='';
if (isset($_POST['submit']))
{
if (empty($_POST['username']) || empty($_POST['password']))
{
$error = "Enter username & password";
}
else {
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
$connection = mysql_connect("localhost", "root", "");
echo($connection);
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$db = mysql_select_db("Windsor", $connection);
echo($db);
$sql = "SELECT * FROM PHP_Customer WHERE Email='$username' and Password='$password'";
echo($sql);
$result = mysql_query($sql);
$count=mysql_num_rows($result);
if ($count < 1)
{
$error = "Username or Password is incorrect";
}
else
{
$_SESSION['user_login'] = $username;
header('location: profile.php');
echo "hello world!"; // This is just for testing purposes
}
}
mysql_close($connection);
}
?>
正如我所說的,它確實可以工作,並且無論出於何種原因,它似乎都不再可用。
確定發現了幾個問題。
1)您在語句中使用小寫的“ AND”。 它應顯示為:
$sql = "SELECT * FROM PHP_Customer WHERE Email='$username' AND Password='$password'";
2)不要將mysql_select_db設置為變量並回顯它。 該行應顯示為:
mysql_select_db("Windsor", $connection);
3)不要回顯連接細節。
4)在您的mysql語句中添加一些錯誤檢查。
腳本現在應如下所示:
<?php
session_start();
$error='';
if (isset($_POST['submit']))
{
if (empty($_POST['username']) || empty($_POST['password']))
{
$error = "Enter username & password";
}
else {
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
$connection = mysql_connect("localhost", "root", "") or die(mysql_error());
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
mysql_select_db("Windsor", $connection) or die(mysql_error());
$sql = "SELECT * FROM PHP_Customer WHERE Email='$username' AND Password='$password'";
$result = mysql_query($sql) or die(mysql_error());
$count=mysql_num_rows($result);
if ($count < 1)
{
$error = "Username or Password is incorrect";
}
else
{
$_SESSION['user_login'] = $username;
header('location: profile.php');
echo "hello world!"; // This is just for testing purposes
}
}
mysql_close($connection);
}
?>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.