我有一个系统,用户根据其详细信息是否与我的数据库中存储的内容相匹配来登录。
循环访问数据库并检索记录的代码。
<?php
// Connects to your Database
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("users_db") or die(mysql_error());
//checks cookies to make sure they are logged in
if(isset($_COOKIE['username']))
{
$username = $_COOKIE['username'];
$pass = $_COOKIE['pass'];
$check = mysql_query("SELECT * FROM users WHERE user_name = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
$username = $row['user_name'];
$email = $row['user_email'];
}
//if the cookie has the wrong password, they are taken to the login page
?>
显示详细信息的代码。
<form action="profile.php" method="GET">
<p>
<label for="your-name">Username</label> <?php echo $_SESSION['username']; ?>
</p>
<p>
<label for="your-name">Password</label> <?php echo $_SESSION['password']; ?>
</p>
</form>
这是login.php中的代码,我在其中创建会话变量。
<?php
mysql_connect("localhost","root","");
mysql_select_db("users_db");
if(isset($_POST['login'])){
$password = $_POST['pass'];
$username = $_POST['username'];
$check_user = "select * from users where user_pass ='$password' AND user_name ='$username'";
$run = mysql_query($check_user);
if(mysql_num_rows($run)>0){
$_SESSION['username']=$username;
$_SESSION['pass']=$password;
//$pass = $_COOKIE['pass'];
echo "<script>window.open('home.php','_self')</script>";
}
else {
echo "<script>alert('Username or password is incorrect!')</script>";
}
}
?>
我可以出于某种原因显示用户名没有问题,但是密码无法显示,即这仅仅是为了测试,所以如果我显示密码并不重要,我将在以后更改。
答案 0 :(得分:0)
正如Dagon所说,你设置了$_SESSION['pass'],但是你试图获得$_SESSION['password']。
作为旁注,您似乎在数据库中以明文形式存储密码,即使您现在只是进行测试,也应该永远不会做。