1. 首页
  2. 问答
  3. 登录页面错误

登录页面错误

2017-05-16 136 views
1

这是我的登录页面。我可以登录时,我把相关的用户名和密码,并不能登录,如果他们不匹配。但事情是我仍然有登录权限,当我不输入任何用户名,密码并单击登录按钮。登录页面错误

这是索引页

<html> 
<head> 
<title>Login</title> 
<link rel="stylesheet" type="text/css" href="login.css"> 
</head> 

<body> 
<div class="login-page"> 
    <form method="post" class="form" action="login.php"> 

     <input type="text" id="user" name="user" placeholder="username"/> 
     <input type="password" id="pass" name="pass" placeholder="password"/> 
     <button type="submit" name="submit" id="btn">login</button> 

    </form> 
</div> 
</body> 
</html>

这是login.php中

<?php 

    //get values passe from form in login.php file 
    $username = $_POST['user']; 
    $password = $_POST['pass']; 

    //to prevent sql injection 
    $username = stripslashes($username); 
    $password = stripslashes($password); 
    $username = mysql_real_escape_string($username); 
    $password = mysql_real_escape_string($password); 

    //connect to the server and select database 
    mysql_connect("localhost","root",""); 
    mysql_select_db('laboursalary'); 

    //query the database for user 
    $result = mysql_query("SELECT * FROM login WHERE username= '$username' and password='$password'") 
       or die("Failed to query database" .mysql_error()); 
    $row = mysql_fetch_array($result); 
    if ($row['username']==$username && $row['password']==$password) { 
     header("Location: ../projectdetails/index.php"); 

    } elseif ($row['username']=="" && $row['password']==""){ 
     echo "Failed to login"; 
    } else { 
     echo "Failed to login"; 
    } 


?>

来源

2017-05-16 Lisa234

+0

警告mysql_query,mysql_fetch_array,mysql_connect等..扩展名在PHP 5.5.0中被弃用,并且在PHP 7.0.0中被删除。相反,应该使用MySQLi或PDO_MySQL扩展。 – Melchizedek

回答

3 
<?php 
if(isset($_POST['submit'])) 
{ 
    //get values passe from form in login.php file 
    $username = mysql_real_escape_string($_POST['user']); 
    $password = mysql_real_escape_string($_POST['pass']); 


    //connect to the server and select database 
    mysql_connect("localhost","root",""); 
    mysql_select_db('laboursalary'); 

    //query the database for user 
    $result = mysql_query("SELECT * FROM login WHERE username= '$username' and password='$password'"); 
    $row = mysql_num_rows($result);   
    if($row == 1) 
    { 
     header("Location: ../projectdetails/index.php"); 

    } else { 
     echo "Failed to login"; 
    } 
} 

?>

来源

2017-05-16 04:57:45

+0

非常感谢。它工作正常:) – Lisa234

+0

欢迎@ Lisa234 –

2

这意味着您在使用用户名和密码为空一行。删除表中的这些行并更新下面的代码。

if ($username != "" && $password !=""){ 
//query the database for user 
    $result = mysql_query("SELECT * FROM login WHERE username= '$username' and password='$password'") 
       or die("Failed to query database" .mysql_error()); 
    $row = mysql_fetch_array($result); 
    if ($row['username']==$username && $row['password']==$password) { 
     header("Location: ../projectdetails/index.php"); 

    } else { 
     echo "Failed to login"; 
    } 
} else 
     echo "Failed to login"; 
    }

注:也改变你的mysql连接的mysqli或PDO。因为它在最新的PHP版本中已被弃用。

来源

2017-05-16 03:25:09 Naga

相关问题

 相关问题