下工作,我想提出一个登录页面,HTML部分是:登录脚本只特定条件
<form action="login.php" method="post">
Email: <input type="email" placeholder="Email" name="email">
Password: <input type="password" placeholder="Password" name="password">
<input name="submit" type="submit" value=" Login ">
</form>
而且login.php中页面
<?php
if (isset($_POST['submit']))
{
if (empty($_POST['email']) || empty($_POST['password']))
{
$error = "email or Password is invalid";
}
else
{
// Define $email and $password
$email=$_POST['email'];
$password=$_POST['password'];
// To protect mysqli injection for Security purpose
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysqli_real_escape_string($email);
$password = mysqli_real_escape_string($password);
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysqli_connect("abc.com", "abc", "123");
// Selecting Database
$db = mysqli_select_db("dealapp", $connection);
// SQL query to fetch information of registerd users and finds user match.
$query = mysqli_query("select * from users where password='$password' AND email='$email'", $connection);
$rows = mysqli_num_rows($query);
if ($rows == 1)
{
$_SESSION['login_user']=$email; // Initializing Session
header("location: index.html"); // Redirecting To Other Page
}
else
{
$error = "email or Password is invalid";
}
mysqli_close($connection); // Closing Connection
}
}
?>
有迹象表明,我的两个问题面临:
1)当我使用striplashes
和mysql_real_escape_string
,该程序显示以下错误,我无法进行数据库连接。但如果我删除它们,那么它运行正常。我无法理解为什么会发生这种情况。
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/10/10898710/html/dealapp/admin/login.php
2)我的第二个问题是,我想如果用户输入一个错误的电子邮件/密码重定向的页面,但也不是当我使用重定向代码,它被重定向,也不是显示错误消息我已经尝试了上面的代码。然而,当登录细节是真实的,然后它完美地工作。
任何帮助/指导,将不胜感激。
PS-我现在所做的更改和使用SQLI,但STIL它显示错误
作为一个便笺,你需要考虑'PDO'或'MySQLi'而不是'mysql_'函数,因为它们已被弃用且已过时 – 2014-08-27 10:14:54