我尝试按照本教程编写注册/登录脚本 - tutorial
我已将已弃用的功能更改为我在网络上找到的内容,但在输入正确的登录详细信息时,这就是我得到的内容 - screenshot
我想它应该带我到main_login.php并说"登录成功"。 我做错了什么?
main_login.php
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
checklogin.php
<?php
session_start();
ob_start();
$host="localhost"; // Host name
$username="lowheigh_user"; // Mysql username
$password="1234"; // Mysql password
$db_name="lowheigh_phplogin"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
//if (!isset($_SESSION[$myusername]))
$_SESSION['myusername'] = $myusername;
//if (!isset($_SESSION[$mypassword]))
$_SESSION['mypassword'] = $mypassword;
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
login_success.php
// Check if session is not registered, redirect back to main page.
// Put this code in first line of web page.
<?PHP
session_start();
if (!isset($_SESSION['myusername'])) {
header('location:main_login.php');
}
?>
<html>
<body>
Login Successful
</body>
</html>
答案 0 :(得分:1)
你的php评论不在login_success.php的php之外。变化:
// Check if session is not registered, redirect back to main page.
// Put this code in first line of web page.
<?PHP
....
到此:
<?PHP
// Check if session is not registered, redirect back to main page.
// Put this code in first line of web page.
....