我目前在将数据库中的md5密码与用户输入的数据进行匹配时遇到问题,我知道我不应该使用这种类型的密码匹配,但我想知道为什么这不起作用。
这是我的登录脚本
<?php
//Login Script
if (isset($_POST["user_login"]) && isset($_POST["password_login"])) {
$user_login = $_POST["user_login"];
$password_login = $_POST["password_login"];
$md5password_login = md5($password_login);
$sql = mysqli_query($conn, "SELECT id FROM users2 WHERE username='$user' AND password='$md5password_login' LIMIT 1"); // query the person
//Check for their existance
$userCount = mysqli_num_rows($sql); //Count the number of rows returned
if ($userCount == 1) {
while($row = mysqli_fetch_array($sql,MYSQLI_ASSOC)) {
$rahul = $row["id"];
}
$_SESSION["id"] = $rahul;
$_SESSION["user_login"] = $user_login;
$_SESSION["password_login"] = $password_login;
exit("<meta http-equiv=\"refresh\" content=\"0\">");
} else {
echo 'That information is incorrect, try again';
exit();
}
}
?>
每当我输入正确的详细信息时,它会抛出您的信息不正确,之前它曾用于mysql_query,但现在它已被弃用。
答案 0 :(得分:0)
用户传递错误&amp;传入这里:
$sql = mysqli_query($conn, "SELECT id FROM users2 WHERE username='$user' AND password='$pass' LIMIT 1");
你应该改变它:
$sql = mysqli_query($conn, "SELECT id FROM users2 WHERE username='$user_login' AND password='$md5password_login' LIMIT 1");