当我提交密码和用户名时,php的配置文件只是空白。为了知道问题是什么,我回复所有错误消息。在$ count查询中,我写了一条错误消息,即"电子邮件和密码不匹配。"
if($count===1)
{
$_SESSION['logged_in'] = true;
header("location:index.php");
exit;
}
else
{
echo "the emailand password doesn't match.";
exit;
}
当我重新提交登录表单时,它会打印出回声"用户名和密码不匹配。"我在表中检查了密码和用户名是否正确。
这是完整的脚本:
error_reporting(E_ALL ^ E_NOTICE);
ini_set("display_errors", true);
error_reporting(-1);
ini_set('display_errors', 'On');
$mysqli = new mysqli("com", "ih", "th", "rcser");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$myemail= $_POST['myemail'];
$mypassword= $_POST['mypassword'];
$sql= "SELECT * FROM user WHERE myemail = ? and mypassword = ?";
/* create a prepared statement */
if ($stmt = $mysqli->prepare($sql)) {
/* bind parameters for markers */
$stmt->bind_param("ss", $myemail, $mypassword);
/* execute query */
$stmt->execute();
/* count */
$count = $stmt->num_rows;
/* close statement */
$stmt->close();
}
/* close connection */
$mysqli->close();
if($count===1){
$_SESSION['logged_in'] = true;
header("location:index.php");
exit;
}
else
{
echo "the email and password doesn't match.";
exit;
}
ob_end_flush();
?>
答案 0 :(得分:0)
可能错误在于是否在查询中:
$sql = "SELECT * FROM user WHERE myemail=".$_POST['myemail']." AND mypassword=".$_POST['mypassword']."";
或者
$sql = "SELECT * FROM user WHERE myemail=".$myemail." AND mypassword=".$mypassword."";
试试吧