我正在尝试使用wamp服务器创建一个登录页面,请帮助我使用以下代码
<?php
$host = "localhost";
$user = "root";
$pass = "";
$db ="test"; //database name
if(isset($_POST['username']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$sql ="SELECT * FROM users WHERE username ='$username' AND password ='$password'";
$result = mysqli_query($sql);
if(mysqli_num_rows($result==1))
{
echo "logged in successfully"."<br/>";
}
else
{
echo "invalid password or username retry";
}
}
?>
<html>
<head>
<title>login</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<form name="login" method="post" action="login.php">
Username <input type="text" name="username">
<br/><br/>
Password <input type="password" name="password">
<br/><br/>
<input type="submit" value="login" name="submit">
</form>
</body>
</html>
答案 0 :(得分:1)
我认为你读过一些错误的文章并搞砸了。正确的代码应该是这样的
$host = "localhost";
$user = "root";
$pass = "";
$db ="test"; //database name
// This line connects to DB
$con = mysqli_connect($host, $user, $pass,$db) or die ("Please check your server connection.") ;
if(isset($_POST['username']))
{
// use mysqli_real_escape_string to prevent SQL Injection
$username = mysqli_real_escape_string($con,$_POST['username']);
$password = mysqli_real_escape_string($con,$_POST['password']);
//write a query to select
$sql ="SELECT * FROM users WHERE username ='".$username."' AND password ='".$password."'";
//execute the written query using mysqli_query()
$result = mysqli_query($con,$sql);
//----------------------^----------- This is the missed parameter
//check the no of rows returned
if(mysqli_num_rows($result) == 1) { echo "logged in successfully"; }
else { echo "invalid password or username retry"; }
}
答案 1 :(得分:0)
该行
if(mysqli_num_rows($result==1)) // You are passing boolean parameter here.
不正确
应该是:
if(mysqli_num_rows($result)==1) // You are passing result set here, which is expected.