我正在尝试使用我的数据库检查用户名和密码。但是,每当我尝试使用密码“12341”登录我的“管理员”帐户时,它都不会给我我想要的结果。
的login.php
<div align="center" position="fixed" >
<form action="login_process.php" method="post">
<input name="username" type="text" value="" size="9"><br>
<input name="pass" type="password" value="" size="9"><br>
<input type="submit" value="Log in">
</form>
</div>
login_process.php
require_once('db_conn.php');
if (!isset($_POST['username']) || !isset($_POST['pass'])) {
echo 'U moet een gebruikersnaam en wachtwoord invoeren!';
exit;
}
$sql = "SELECT `username`,`password` \n"
. "FROM `tryusers` \n"
. "WHERE `username` = \'Admin\'\n"
. "AND `password` = \'12341\'";
$sql = "SELECT `username`,`password` FROM `tryusers` WHERE `username` = " . $_POST['username'] . " AND password = " . $_POST['pass'] . "";
$results = $conn->query($sql);
var_dump('postuser',$_POST['username'],'<br>');
var_dump('postpass',$_POST['pass'],'<br>');
if(!$results){
echo 'no results';
} else {
echo $results;
}
db_conn.php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "trybase";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
感谢任何帮助。
此致 SEM
答案 0 :(得分:0)
你必须在变量周围做引号:
$sql = "SELECT `username`,`password` FROM `tryusers` WHERE `username` = '" . $_POST['username'] . "' AND password = '" . $_POST['pass'] . "'";
或者更好地使用准备好的陈述。
答案 1 :(得分:0)