MySql查询登录无效

时间:2013-10-16 04:14:24

标签: php mysql

我开发了一个用于登录的登录表单,但是当我尝试登录时,它无法通过。下面是我使用的代码的一部分。当我回显$num = mysql_num_rows()时,$num的部分返回零。为什么会那样?我的INSERT查询似乎没有返回结果。请帮忙。

if ($warning==''){  
        $query="SELECT first_name FROM tblusers WHERE (email='$username') AND (password='".md5($_POST['password'])."')";
        $result=@mysql_query($query);
        $num = mysql_num_rows($result);
        @mysql_close();
        echo $num."perfecto".$result;           
        if($num==1)
        {
            $u=new User($username);
            include ('includes/highlight.inc.php');
            //insert user into session
            if ($username=='admin'){
                $_SESSION['user']=$username;
                $p=new Page('Log In'.$username);
                $p->setHeading('Welcome '.$u->getFirstName());
                $p->setContent($cont."<br/><br/><br/> Use the administrator's panel on the right to do the administration work of the 
                                website. To block and unblock users you use the <font color=red><b>View Auctions</b></font> link, and 
                                that is when you can block the user after assessing their record.");
                $p->printIt();
            } else {
            $_SESSION['user']=$username;
            $p=new Page('Log In'.$username);
            $p->setHeading('Welcome '.$u->getFirstName());
            $p->setContent($cont."<br/><br/><br/>".$text);
            $p->printIt(); }

        }

2 个答案:

答案 0 :(得分:0)

将您的查询字符串更改为:

$query="SELECT first_name FROM tblusers WHERE email='".$username."' AND password='".md5($_POST['password'])."'";

并使用echo $query检查查询字符串以确保其正确

答案 1 :(得分:0)

更改您的查询字符串,如下所示:

$password = md5($_POST['password']);
$query = "SELECT first_name FROM tblusers WHERE email='".$username."' AND password = '".$password."'";

希望这可以帮助你。

相关问题
最新问题