我不知道这个PHP代码我错在哪里。当我点击登录页面登录时,用户名和密码将在此代码中检入,它应该重定向到'dashboard.php',但该过程在此页面上结束。它显示为空白。请有人能告诉我我做错了吗?
<?php
include('db.php');
flush();
//error_reporting(1);
$username=$_POST['username'];
$password=sha1($_POST['password']);
$username = stripslashes($username);
$password = stripslashes($password);
$sql="SELECT * FROM user_qc WHERE qc_user_name='$username' and qc_pass='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
session_start();
$_SESSION['log'] = 'in';
$_SESSION['username']= $username;
header("Location:dashboard.php");
}
?>
答案 0 :(得分:0)
在MySQL查询中使用时,PHP变量应该用双引号(“”)。
<?php
include('db.php');
flush();
//error_reporting(1);
$username=$_POST['username'];
$password=sha1($_POST['password']);
$username = stripslashes($username);
$username = mysqli_real_escape_string($username);
$password = stripslashes($password);
$password = mysqli_real_escape_string($password);
$sql="SELECT * FROM user_qc WHERE qc_user_name='".$username."' AND qc_pass='".$password."'";
$result=mysqli_query($connection, $sql);
$count=mysqli_num_rows($result);
if($count==1){
session_start();
$_SESSION['log'] = 'in';
$_SESSION['username']= $username;
header("Location:dashboard.php");
}
?>
不要使用mysql而是使用mysqli或PDO
答案 1 :(得分:0)
更改标题并在$ sql中使用“” 我认为这将解决问题。 抱歉英语不好。
<?php
include('db.php');
flush();
//error_reporting(1);
$username=$_POST['username'];
$password=sha1($_POST['password']);
$username = stripslashes($username);
$password = stripslashes($password);
$sql="SELECT * FROM user_qc WHERE qc_user_name='".$username."' AND qc_pass='".$password."'";
$result=mysqli_query($connection, $sql);
$count=mysqli_num_rows($result);
if($count==1){
session_start();
$_SESSION['log'] = 'in';
$_SESSION['username']= $username;
header("Location:http://yoursite/.../dashboard.php");
}
?>