我无法将$name0传递给我项目的admin.php。我正在登录login.php。但是在查询了用户名和密码之后,我希望第一个名字出现在admin.php,这是我到目前为止的工作
if(isset($_POST['btnlogin'])){
$username = addslashes($_POST['txtusername']);
$password = addslashes($_POST['txtpassword']);
include 'db_connection.php';
$sel_admin = "SELECT * FROM users WHERE user_username='$username'";
$rs_admin = mysql_query($sel_admin);
$rs_count = mysql_num_rows($rs_admin);
if($rs_count<1){
echo 'Invalid username!';
}else{
$admin_info = mysql_fetch_array($rs_admin);
$adminid = $admin_info['user_id'];
$db_password = $admin_info['user_password'];
if($password == $db_password){
$_SESSION['user_id'] = $adminid;
$name0 = $_POST["'select user_firstname from users WHERE user_username='$username'"];
header("location: admin.php");
}
else{
echo 'Incorrect password!';
}
}
}
答案 0 :(得分:0)
有人通过登录表单发布到您的脚本。该表单的值显示在$ _POST数组中。这就是你从$_POST['btnlogin']获得的地方。除非您的表单中包含名称为"'select user_firstname from users WHERE user_username='$username'"的字段,否则代码$name0 = $_POST["'select user_firstname from users WHERE user_username='$username'"];中的行无效。
我知道你想将用户的名字传递给admin.php。您不需要查询,因为您刚查询"SELECT * FROM users WHERE user_username='$username'",因此您的名字已经为$sel_admin['user_firstname']。
最好的办法是在会话中存储名字:
$_SESSION['user_firstname'] = $sel_admin['user_firstname'];
header("location: admin.php")将您的用户发送到admin.php,您可以从$_SESSION['user_firstname']读取名字 - 只要您在此脚本的开头和管理员处都执行了session_start() .PHP
答案 1 :(得分:0)
此代码已经过测试,并会为您完成。将其标记为正确答案,因为它将解决您的问题。
首先创建表并插入用户
create table users(username varchar(100), password varchar(100)
insert into users values ('sectona','sectona234');
<?php
$db = new PDO (
'mysql:host=localhost;dbname=yourdbname;charset=utf8',
'root', // username
'root44' // password
);
?>
signin.php
<?php
error_reporting(0);
?>
<?php ob_start(); ?>
<?php
session_start();
require("db.php");
//from form inputs
$username=strip_tags($_POST["txtusername"]);
$password=strip_tags($_POST["txtpassword"]);
/*
$username='sectona';
$password='sectona123';
*/
// validate username
$result = $db->prepare('SELECT * FROM users where username = :username');
$result->execute(array(
':username' => $username
));
$nosofrows = $result->rowCount();
if ($nosofrows ==0)
{
echo '<br><b><font color=red><b></b>Username is Incorrect</font></b><br>';
exit();
}
//validate password
$result = $db->prepare('SELECT * FROM users where password = :password');
$result->execute(array(
':password' => $password
));
$nosofrows = $result->rowCount();
//if ($nosofrows < 1)
if ($nosofrows ==0)
{
echo '<br><b><font color=red><b></b>Password is Incorrect</font></b><br>';
exit();
}
// check login
$statement = $db->prepare('
SELECT * FROM users
WHERE username = :username
AND password = :password
');
$statement->execute(array(
':username' => $username,
':password' => $password));
if ($row = $statement->fetch()) {
session_regenerate_id();
$_SESSION['SESS_PASWWORD'] = $row['password'];
$_SESSION['SESS_USERNAME'] = $row['username'];
$user=$pid=htmlentities($row['username'], ENT_QUOTES, "UTF-8");
echo "Welcome Mr/Mrs <b>".$user."</b> <font color=pink>you are signed in successfully. <br>Redirecting in 2 seconds</font> <img src=loader.gif>";
echo '<script>
window.setTimeout(function() {
window.location.href = "admin.php";
}, 2000);
</script>';
}else{
echo '<font color=red size=2><b>Either of your details is wrong. You are trying to use login accounts that belongs to another
person</b></font>';
}
?>
admin.php
<html><head></head><body>
Welcome <?php
session_start();
echo htmlentities($_SESSION['SESS_USERNAME']); ?>
</body></html>
如果能解决您的问题,请将其标记为正确答案