<form action = "index.php" method = "post">
username : <input type = "text" name = "uname" /><br>
password : <input type = "text" name = "pass" /><br>
submit : <input type = "submit" name = "submit" value = "submit" />
</form>
<?php
if(isset($_SESSION['id'])){echo $_SESSION['id'];}
if(isset($_POST['submit'])){
if ($_POST['submit'] == 'submit'){
$uname = $_POST['uname'];
$pass = $_POST['pass'];
$db = "davidedwardcakes";
$connect = mysql_connect('localhost', 'root', 'wtfiwwu');
$db_connect = mysql_selectdb($db, $connect);
if(!$db_connect){echo 'no';}
$query = "SELECT * FROM `users` WHERE uname ='$uname' AND pass = '$pass'";
$result = mysql_query($query, $connect);
if(mysql_num_rows($result) > 0){//echo 'index failed'; var_dump($result);}
while($row = mysql_fetch_array($result)){echo $row['uname']
. "<br>";
session_start();
echo '<a href = "test.php">peruse</a>';
$_SESSION['id'] = $row['id'];}}
else{echo 'lol'; var_dump($query);}}
每当我想登录,我得到的错误: 字符串 'SELECT * FROM用户WHERE UNAME =' 棕 '并通过= '健二''(长度= 61)mysql_num_rows()返回零
这意味着我的$查询有问题。如果我从$ query中删除$ pass查询,它可以正常工作,但不包括它在内。任何人都可以帮忙吗?
咦?为什么这意味着查询有问题?这是你的'var_dump'代码。 – BenM
这不是一个错误。这是你的'var_dump($ query);'代码。 –
1.不要将密码存储为纯文本。 2.不要使用'mysql_ *'函数;他们已被弃用。 3.你的代码对SQL注入是开放的...... – BenM