我已经在这里完成了一个带有MySQL的php登录系统,但我现在想要当我在login.php中编写用户名时,它也可以是小写字母,当我登录时,那个我的用户名将更改为原始用户名,如何在数据库中注册。
<?php
session_start();
if(isset($_SESSION["username"]))
header("location:h_inc/h_pages/me.php");
if(isset($_POST["submit"])){
if(empty($_POST["username"]) || empty($_POST["password"])){
$empty_fields = array();
$empty_fields['error'] = "<font color=\"red\">Please fill all fields.</font>";
}else{
if(mysql_num_rows(mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($_POST["username"])."' AND password = '".mysql_real_escape_string(md5($_POST["password"]))."' AND rank = '9'")) > 0){
$empty_fields['true'] = "<font color=\"green\">You are now logged in.</font>";
$_SESSION["username"] = $_POST["username"];
$_SESSION["password"] = md5($_POST["password"]);
echo "<script type='text/javascript'> window.location.href = 'index.php';</script>";
}else{
$empty_fields['error'] = "<font color=\"red\">Your datas are incorrect.</font>";
}
}
}
?>
答案 0 :(得分:0)
而不是mysql_num_rows从查询中获取结果并使用其中的值来显示用户名。
正如@Naruto在评论中指出的那样:考虑切换到PDO。
答案 1 :(得分:0)
返回您的查询值,然后从返回值中获取原始名称并将其分配给会话变量
$result = mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($_POST["username"])."' AND password = '".mysql_real_escape_string(md5($_POST["password"]))."' AND rank = '9'");
if($result) {
while ($row = mysql_fetch_array($result)) {
$username = $row["username"];
}
$_SESSION["username"] = $username;
$_SESSION["password"] = md5($_POST["password"]);
echo "<script type='text/javascript'> window.location.href = 'index.php';</script>";
}else{
$empty_fields['error'] = "<font color=\"red\">Your datas are incorrect.</font>";
}