它不工作,我花了几个小时和一半的头发试图找出原因。我已经在我的HTML索引文件嵌入这个代码的形式:代码登录和数据库连接在PHP
我想创建登录和注销会话
我在MySQL数据库表中的代码看起来像这样
CREATE TABLE member (id int(10) NOT NULL auto_increment, userName varchar(50) NOT NULL, passWord varchar(50) NOT NULL, PRIMARY KEY (id)) ENGINE=MyISAM utf8_general_ci AUTO_INCREMENT=3 ;
<?php
// Inialize session
session_start();
// Include database connection settings
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = 'database'; // Your database name.
$username = 'root'; // Your database username.
$password = ''; // Your database password. If your database has no password, leave it empty.
// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');
// Retrieve username and password from database according to user's input
$userName=mysql_real_escape_string($_POST['username']);
$password=mysql_real_escape_string($_POST['password']);
$passWord=md5($password); // Encrypted Password
//*********retrieving data from Database**********
$query = "SELECT * FROM member WHERE userName='$userName' and passWord='$passWord'";
//$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName= $_post['username'] AND passWord= $_post['password'])");
// Check username and password match
$res = mysql_query($query);
$rows = mysql_num_rows($res);
if ($rows==1) {
// Set username session variable
$_SESSION['userName'] = $_POST['username'];
// Jump to secured page
header("Location: securedpage.php");
}
else {
// Jump to login page
echo "user name and password not found";
}
exit;
?>
而登录它直接找到用户名和密码,甚至找不到用户名和密码,甚至用户名和密码都是正确的
这应该很容易调试。你到目前为止做了哪些故障排除? –
这里有很多红旗 - 'mysql_'弃用,纯文本密码存储,没有MySQL root密码等。我建议在谷歌搜索“PHP MySQL登录”之后从头开始重新考虑这个 – jterry
@ jterry密码可能已被删除而不是把它粘贴到世界上去看......但是,这里有很多问题。 – naththedeveloper