有人可以向我推进正确的方向并告诉我这个代码有什么问题。我没有收到任何错误,但它没有登录我。 我的想法是在sql数据库中有一行名为memb的行,并检查状态是1还是0.如果是1,它将带你到安全页面,如果是0,它会给你子网页
<?php
require_once('config.php');
if(isset($_POST['Login']) && isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent
$uname = $sql-> real_escape_string($_POST['uname']);
$pass1 = $sql-> real_escape_string($_POST['pass1']);
if ( !empty($uname) && !empty($pass1)) {
// Check if you input are not empty
$query= mysqli_query($sql,"SELECT * FROM login WHERE uname='".$uname."' AND pass='".$pass1."' && memb='?'");
if(!$query){ die(mysqli_error($sql)); }
$checkuser= mysqli_num_rows($query);
if($checkuser != 1) {
$error = "Username doesn't exist in our database!";
}
// Change $login with $query
while ($row = mysqli_fetch_array($query)) {
$checkpass= $row['pass'];
while ($row = mysqli_fetch_array($query)) {
$checkmemb= $row['memb'];
// here i changed $pass1 to $checkpass
if ($pass1 == $checkpass && $memb == 0){
setcookie("user", $uname, time()+7200);
$_SESSION['user'] = $uname;
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + (60 * 60 * 60);
header("Location: pay.php");
exit();
} elseif($pass1 == $checkpass && $memb == 1) {
setcookie("user", $uname, time()+7200);
$_SESSION['user'] = $uname;
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + (60 * 60 * 60);
header("Location: main.html");
exit();
}
}
}
}
}
答案 0 :(得分:0)
尝试更改此内容:
if(isset($_POST['Login']) && isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent
为:
if(isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent
没有测试,这只是一个快速查看的猜测。 但它似乎没有做任何事情,因为你的输入检查失败了。