我正在尝试将我的html的登录信息与来自sql db的注册信息进行比较,但是如果我让它们空白并点击登录按钮,它会将我重定向到预订页面。我该如何解决这个问题?
<?php
$con=mysqli_connect("","","","");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$uemail = mysqli_real_escape_string($con, $_POST['uemail']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$DBsql = mysql_query("SELECT 'email', 'password1' FROM register WHERE email = $uemail");
$sql = mysql_fetch_array($DBsql);
if(($_POST['uemail'] == $sql['email']) && ($_POST['password'] == $sql['password1'])) {
echo 'You have succesfully loged in';
header("Location: http://dev.medialab.teicrete.gr/3597/availability.html");
}
else {
echo 'One or more fields are not valid';
header("Location: http://dev.medialab.teicrete.gr/3597/reservation.html");
}
mysqli_close($con);
exit;
?>