我创建了一个带有显示jQuery的图片幻灯片的页面。我还搜索到用户可以从数据库中搜索房屋,并且此代码可以查找。当我添加php代码以便允许用户登录并尝试运行它时页面出现空白,为什么会这样?
这是我的代码
session_start();
include "connect.php";
if (isset($_POST['username']) and isset($_POST['password'])){
$username = $_POST['username'];
$password = $_POST['password'];
$query = ($con "SELECT * FROM login WHERE username='$username' and password= '$password'");
$result = mysqli_query($query) or die(mysqli_error());
$count = mysqli_num_rows($result);
if ($count == 1){
$_SESSION['username'] = $username;
}else {
echo "Invalid Login Credentials.";
}
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Hello " . $username . "";
echo "This is the Members Area";
echo "<a href='logout.php'>Logout</a>";
}
?>
答案 0 :(得分:1)
首先,您没有将您的连接传递给您的查询,并且您有一个缺失的大括号。
if (isset($_POST['username']) and isset($_POST['password']))的那个应该封装整个PHP。
旁注:使用$con作为连接变量的参数。
<?php
session_start();
include "connect.php";
if (isset($_POST['username']) and isset($_POST['password'])){
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM login WHERE username='$username' and password='$password'";
$result = mysqli_query($con, $query) or die(mysqli_error());
$count = mysqli_num_rows($result);
if ($count == 1){
$_SESSION['username'] = $username;
}else {
echo "Invalid Login Credentials.";
}
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Hello " . $username . "";
echo "This is the Members Area";
}
} // closing brace for if (isset($_POST['username']) and isset($_POST['password']))
echo "<a href='logout.php'>Logout</a>";
?>
我注意到您可能以纯文本格式存储密码。如果是这种情况,则非常气馁。
我建议您使用CRYPT_BLOWFISH或PHP 5.5&#39 {s} password_hash()功能。对于PHP&lt; 5.5使用password_hash() compatibility pack。