如何检查数据库是否包含用户名和密码?

时间:2013-10-23 14:59:53

标签: php mysql

我有以下代码 - 

<?php
$con=mysqli_connect("localhost","root","","my_db");
// Check connection
if (mysqli_connect_errno())
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

mysql_select_db("my_db");
$myusername=mysql_real_escape_string($_POST['myusername']);
$mypassword=mysql_real_escape_string($_POST['mypassword']);

echo $myusername . " " . $mypassword; 

$sql="SELECT id FROM EMPLOYEE WHERE username='" . $myusername . "' and password='" . $mypassword . "'";

$result=mysqli_query($con, $sql);

// If result matched $myusername and $mypassword, table row must be 1 row

if (mysql_num_rows($result) > 0) {
  // Register $myusername, $mypassword and redirect to file "login_success.php"
  $_SESSION["username"] = $myusername;
  $_SESSION["password"] = $mypassword;
  header("location:login_success.php");
} else {
  echo "Wrong Username or Password";
}

mysqli_close($con);
?>

Employee表包含 1管理员通行证 作为id用户名和密码

如果我将其输入表单并点击提交,则会打开此代码,即check_login.php 我已经回复了用户名和密码来检查它是否正确输入。 它在屏幕上显示ADMIN PASS。因此,用户名和密码输入正确无误。

现在唯一的问题是在employee表中“检查用户名和密码”。它不起作用。

请帮忙。

1 个答案:

答案 0 :(得分:0)

你走了:

    <?php
    $con=mysqli_connect("127.0.0.1", "root", "", "my_db");
    if (mysqli_connect_errno($con))
    {
        echo "MySql Error: " . mysqli_connect_error();
        }

    $query=mysqli_query($con,"SELECT * FROM employee WHERE username='$_POST[myusername]' && password='$_POST[mypassword]'");
    $count=mysqli_num_rows($query);
    $row=mysqli_fetch_array($query);

    if ($count==1)
    {
        session_start();
        $_SESSION['username'] = $_POST['myusername'];
        $_SESSION['password'] = $_POST['mypassword'];
        header("location: login_success.php");
        }
    else
    {
        echo "Invalid username or password";
        }   

    mysqli_close($con);
    ?>
相关问题
最新问题