$ _POST变量没有传递PHP

时间:2013-01-24 20:55:46

标签: php variables post

我知道关于这个主题还有很多其他问题,但它并不具体,我在使用mysql而不是mysqli时也有页面工作,我最近用mysqli修改了一些网页,所以更新以保持一致。 我玩过双引号,mysqli_real_escape_string,但$ sql字符串的输出是SELECT * FROM user_login WHERE username =''和password =''所以这显然是$ _POST []变量的问题。< / p>

非常感谢任何帮助。

我要发布的表单代码是;

<?php 
 session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Page</title>
</head>

<body>
<table width="300" border="0" align="Center" cellpadding="0" cellspacing="1" bgcolor="="#cccccc">
<tr>
<form id="form1" name="form1" method="post" action="../customers/checklogin.php">
<td>
<table width = "100%" border ="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><p><Strong> CUSTOMER LOGIN </strong></p></td>
</tr>
<tr>
<td width = "78">Username</td>
<td widith = "6">:</td>
<td width = "294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login">   </td>
</tr>
</table>
</td>
</form>
</tr>
</table>

<form id="form2" name="logo" method="post" action="../customers/logout.php">
<input type="submit" name="logout" value="Logout">
</form>

</body>
</html>

虽然另一页是;

 <?php 
ob_start();
    session_start();
    echo session_id();

$host = "localhost";
$username="username";
$password = "password";
$db_name = "database";
$tbl_name = "user_login";

//Connect to server and select database
//mysql_connect("$host","$username","$password") or die("Cannot connect");
//mysql_select_db("$db_name") or die ("Cannot select Database");

$mysqli = new mysqli($host, $username, $password, $db_name);

/*if(isset($_SESSION["loggedin"]))
{
    die("you are already logged in");
}*/ // I had put this in but removed to debug

//username and password sent from the form, I have also tried with double quotes
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

//security to stop insertion of slashs

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysqli_real_escape_string($myusername);
$mypassword = mysqli_real_escape_string($mypassword);
$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysqli_query($mysqli, $sql);

// Mysql_num_row is counting table row
$count = mysqli_num_rows($result);

//If result matched $myusername and $mypassword, table row must be 1 row
ob_clean();
if($count==1){
    //register $myusername and $mypassword and redirect to the file
    $_SESSION["loggedin"]= "YES";
    $_SESSION["username"] = $username;
//      $_SESSION["Hotel_Chain"] = mysqli_query($mysqli,"SELECT Hotel_Group FROM user_login WHERE username = '".$username."'");
header("Location: login_success.php"); 
exit();}

//  echo "it worked";   }
    else {
        echo "Wrong Username or Password";
        echo $sql;
        echo "<br /> Username : ";
        echo $myusername;
        echo "<br /> Password : ";
        echo $mypassword;
    }
//  ob_flush();
    ?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Check Login</title>
</head>

<body>
<?php 
if($_SESSION["loggedin"]<>"YES"){echo $count;
echo $sql;
?>
<form id="form5" name="backtomain" method="post" action="../customers/main_login.php">
<input type="Submit" name="backtomain" value="Try again" />
</form>    
<?php
}
else{
//  print mysqli_query($mysqli,$sql);
}
?>




</body>
</html>

1 个答案:

答案 0 :(得分:1)

尝试使用简单的引用和连接。

$sql = 'SELECT * FROM $tbl_name WHERE username="'.$myusername.'" AND password="'.$mypassword.'";

尝试在每个更改变量的函数之前和之后打印变量。 很容易理解会发生什么。