如何解决我在PHP登录页面中遇到的错误?

时间:2015-01-07 12:53:27

标签: php

我正在尝试使用wamp服务器创建一个登录页面,请帮助我使用以下代码

 <?php
        $host = "localhost";
        $user = "root";
        $pass = "";
        $db ="test"; //database name

        if(isset($_POST['username']))
        {
        $username = $_POST['username']; 
        $password = $_POST['password'];



        $sql ="SELECT * FROM users WHERE username ='$username' AND password ='$password'";
        $result = mysqli_query($sql);  
        if(mysqli_num_rows($result==1)) 
        {
            echo "logged in successfully"."<br/>";
        }
        else
        {
            echo "invalid password or username retry";
        }
    }
 ?>

    <html>
        <head>
            <title>login</title>
            <meta charset="UTF-8">
            <meta name="viewport" content="width=device-width, initial-scale=1.0">
        </head>
        <body>
            <form name="login"  method="post" action="login.php">
                Username &nbsp;<input type="text" name="username">
                <br/><br/>
                Password &nbsp;<input type="password" name="password">
                <br/><br/>
                <input type="submit" value="login" name="submit">
            </form>
        </body>
    </html>

2 个答案:

答案 0 :(得分:1)

我认为你读过一些错误的文章并搞砸了。正确的代码应该是这样的

$host = "localhost";
$user = "root";
$pass = "";
$db ="test"; //database name

// This line connects to DB
$con = mysqli_connect($host, $user, $pass,$db) or die ("Please check your server connection.") ;


if(isset($_POST['username']))
 {
    // use mysqli_real_escape_string to prevent SQL Injection
    $username =  mysqli_real_escape_string($con,$_POST['username']); 
    $password =  mysqli_real_escape_string($con,$_POST['password']);

   //write a query to select
   $sql ="SELECT * FROM users WHERE username ='".$username."' AND password ='".$password."'"; 

   //execute the written query using mysqli_query()
   $result = mysqli_query($con,$sql);
   //----------------------^----------- This is the missed parameter
   //check the no of rows returned
   if(mysqli_num_rows($result) == 1) { echo "logged in successfully"; } 
   else { echo "invalid password or username retry"; }
 }

答案 1 :(得分:0)

该行

if(mysqli_num_rows($result==1)) // You are passing boolean parameter here.

不正确

应该是:

if(mysqli_num_rows($result)==1) // You are passing result set here, which is expected.
相关问题
最新问题