我尝试编写一个带有两个输入值(用户名和密码)的代码,并将它们与数据库中表(名为user)中的值进行比较。现在,如果为用户名插入的值为" admin"并且密码是" admin"。我想将管理员指向他的页面,如果用户已插入他的信息,我也想将他引导到他的页面。我的下面的代码看起来正确,但我没有得到回应。如何解决这个问题?
我为html编写了这段代码:
<form name="userLogin" action="LoginCode.php" method="POST" >
<h3>Login</h3>
<table width="450px">
<tr>
<td valign="top">
<label for="first_name">Your Name *</label>
</td>
<td valign="top">
<input type="text" name="user_username" maxlength="50" size="30" required>
</td>
</tr>
<tr>
<td valign="top">
<label for="last_name">Password *</label>
</td>
<td valign="top">
<input type="password" name="user_password" maxlength="50" size="30" required>
</td>
<tr>
<td></td>
<td><input type="submit" name="login" value="Login" required>
</td>
</tr>
</table>
</form>
这是我的LoginCode.php
<?php
include ("../Connections/map_connection.php");
if (isset($_POST["login"])) {
$user_username = $_POST["user_username"];
$user_password = $_POST["user_password"];
/* $user_email=$_POST["user_email"]; */
if ($username = 'admin' and $user_password = 'admin') {
$data = mysql_fetch_array($result);
session_start();
$_SESSION['name'] = $data['user_username'];
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + 400;
header("location: ..Admin/AdminIndex.php");
} else {
$sql = ("select * from user where user_username='$user_username' and user_password= '$user_password' ");
$result = mysql_query($sql);
if (!$result) {
echo "Error" . mysql_error();
} else {
$row = mysql_num_rows($result);
if ($row == 0) {
echo 'Invalid username or password';
} else {
$data = mysql_fetch_array($result);
session_start();
$_SESSION['name'] = $data['user_username'];
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + 400;
header("location: UserIndex.php");
}
}
}
}
?>
答案 0 :(得分:0)
我修好了!!
<?php
include ("../Connections/map_connection.php");
if (isset($_POST["login"])) {
$user_username= $_POST["user_username"];
$user_password= $_POST["user_password"];
if($user_username=='admin' && $user_password){
$sql= ("select * from admin where admin_username='$user_username' and admin_password= '$user_password' ");
$result = mysql_query($sql);
if(!$result){
echo "Error".mysql_error();
}
else
{
$row= mysql_num_rows($result);
if($row==0) {
echo 'Invalid username or password';
}
else
{
$data= mysql_fetch_array($result);
session_start();
$_SESSION['name'] = $data['admin_username'];
$_SESSION['start']=time();
$_SESSION['expire']= $_SESSION['start'] + 400;
header("location: ../Admin/AdminIndex.php");
}
}
}
else{
$sql= ("select * from user where user_username='$user_username' and user_password= '$user_password' ");
$result = mysql_query($sql);
if(!$result){
echo "Error".mysql_error();
}
else
{
$row= mysql_num_rows($result);
if($row==0) {
echo 'Invalid username or password';
}
else
{
$data= mysql_fetch_array($result);
session_start();
$_SESSION['name'] = $data['user_username'];
$_SESSION['start']=time();
$_SESSION['expire']= $_SESSION['start'] + 400;
header("location: UserIndex.php");
}
}
}
}
?>