尝试为Admin / User PHP创建登录

时间:2014-04-02 12:04:50

标签: php mysql forms login admin

我正在尝试从同一表单为用户和管理员创建登录,根据他们是管理员还是用户将其重定向到某个页面。

我在我的数据库中为admin创建了一个列,并声明admin = 1.在输入我的管理员和用户的详细信息时,我似乎收到此错误。

  

致命错误:在非对象中调用成员函数query()   ...第31行的root \ CheckLogin.php

感谢任何帮助,谢谢!

<?php
session_start();
if(!isset($_SESSION['username'])){
    // not logged in
}
?>

<?php

$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

// Query
global $dbh
$result= $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");

// Mysql_num_row is counting table row
$count = $result->rowCount();

// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = mysql_fetch_row($usertype);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file 
session_start();
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password'; 
$_SESSION['admin'] = $row;

// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
if ($_SESSION['admin'] == 1){
    header("location:Admin.php");
    }
else {
    header("location:SuccessLogin.php");
    }
$dbh = null;
}
else {
echo "";
}
?> 

<html>
<body>
<head>
<title>Login</title>
<link rel="stylesheet" href="style.css" />
<link rel='stylesheet' type='text/css'>
</head>
<div class="lg-container">
<center><i>Wrong Username or Password</i></center>
</body>
</html>

4 个答案:

答案 0 :(得分:1)

您应该将mysql_connect("$host", "$username", "$password")or die("cannot connect");分配给$dbh,如下所示:

$dbh = mysql_connect("$host", "$username", "$password")or die("cannot connect");

将连接变量传递给myslq_select_db

mysql_select_db("$db_name", $dbh)or die("cannot select DB");

答案 1 :(得分:1)

完整代码

<?php
session_start();
if (!isset($_SESSION['username'])) {
    // not logged in
}
?>

<?php
$host = "localhost"; // Host name 
$username = ""; // Mysql username 
$password = ""; // Mysql password 
$db_name = "test"; // Database name 
$tbl_name = "members"; // Table name 
// Connect to server and select databse.
$dbh=mysqli_connect($host, $username, $password,$db_name) or die("Error " . mysqli_error($dbh));

// username and password sent from form 
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$result = $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");

// Mysql_num_row is counting table row
$count = $result->num_row;

// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = $usertype->fetch_row();

// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {

// Register $myusername, $mypassword and redirect to file 
    session_start();
    $_SESSION['username'] = '$username';
    $_SESSION['password'] = '$password';
    $_SESSION['admin'] = $row;

// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
    if ($_SESSION['admin'] == 1) {
        header("location:Admin.php");
    } else {
        header("location:SuccessLogin.php");
    }
    $dbh = null;
} else {
    echo "";
}
?> 

<html>
    <body>
    <head>
        <title>Login</title>
        <link rel="stylesheet" href="style.css" />
        <link rel='stylesheet' type='text/css'>
    </head>
    <div class="lg-container">
        <center><i>Wrong Username or Password</i></center>
    </body>
</html>

答案 2 :(得分:0)

您错过了第31行中的;

global $dbh

应该是

global $dbh;

答案 3 :(得分:0)

以下链接有一个代码块。

http://www.php.net/manual/en/pdostatement.rowcount.php 

<?php
/* Delete all rows from the FRUIT table */
$del = $dbh->prepare('DELETE FROM fruit');
$del->execute();

/* Return number of rows that were deleted */
print("Return number of rows that were deleted:\n");
$count = $del->rowCount();
print("Deleted $count rows.\n");
?>

您可以尝试根据此更新代码吗?链接有不同的用法。

相关问题
最新问题