我正在制作一个登录系统,我在其他网站上使用了类似的代码,但它似乎似乎没有提交给我?没有错误,页面保持完全相同。任何人有任何想法
<?php
if(isset($_POST['submit'])){
$user = $_POST["user"];
$raw = $_POST["password"];
$hash = md5($raw);
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$con=mysqli_connect("localhost","bans","(My Password Here)","bans");
if (mysqli_connect_errno()) {
echo "Error ";
}
$check = mysqli_query("$con, SELECT hash FROM panel WHERE user = '$user'");
if ($hash == $check) {
$insert = mysqli_query("$con, INSERT INTO panel (online, ip)
VALUES ('1', '$ip')");
} else {
echo '<div class="alert alert-danger">You are not staff/have entered incorrect information!</div>';
}
}
?>
答案 0 :(得分:0)
if(isset($_POST['submit']))也许这是你现在没有的按钮。试试if(isset($_POST["user"])):)
答案 1 :(得分:-1)
您
$check = mysqli_query("$con, SELECT hash FROM panel WHERE user = '$user'");
应该更像
$check = mysqli_query($con, "SELECT hash FROM panel WHERE user = '$user'");
在你开始SQL injection
之后