登录后查询另一个表

时间:2015-06-10 16:04:04

标签: php mysql login

这看起来应该很简单,但我已经尝试过各种方式,而且似乎无法让它发挥作用。

我有这个登录脚本,我从在线教程改编。我想要做的是让用户使用用户名和密码登录,如果这些是正确的,请将他们的实验室结果发送到另一个表(相同的数据库)并显示它们。我可以让它登录,但就是这样。这是登录代码:

<?php  //Start the Session
session_start();
 require('connect.php');
//3. If the form is submitted or not.
//3.1 If the form is submitted
if (isset($_POST['username']) and isset($_POST['password'])){
//3.1.1 Assigning posted values to variables.
$username = $_POST['username'];
$password = $_POST['password'];
//3.1.2 Checking the values are existing in the database or not
$query = "SELECT * FROM `user` WHERE username='$username' and password='$password'";

$result = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($result);
//3.1.2 If the posted values are equal to the database values, then session will be created for the user.
if ($count == 1){
$_SESSION['username'] = $username;
}else{
//3.1.3 If the login credentials doesn't match, he will be shown with an error message.
echo "Invalid Login Credentials.";
}
}
//3.1.4 if the user is logged in Greets the user with message
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Hi " . $username . "! ";
echo "This is the results of your inquiry.<br><br>";




/*This is where I'm assuming the new query needs to go.
Query a different table named "data"  and pick out information according to 
$username which was put in earlier */




echo "<br><a href='logout.php'>Logout</a>";

}else{
//3.2 When the user visits the page first time, simple login form will be displayed.
?>
<!DOCTYPE html>

<html>
<head>
  <title>Lab Sign In Page</title>
  <link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
  <!-- Form for logging in the users -->

  <div class="register-form">
    <?php
        if(isset($msg) & !empty($msg)){
            echo $msg;
        }
     ?>

    <h1>Login</h1>

    <form action="" method="post">
      <p><label>User Name :</label> <input id="username" type="text" name="username" placeholder=
      "username"></p>

      <p><label>Password   :</label> <input id="password" type="password" name="password"
      placeholder="password"></p><a class="btn" href="register.php">Signup</a> <input class=
      "btn register" type="submit" name="submit" value="Login">
    </form>
  </div><?php }


   ?>
</body>
</html>

A&#34;加入&#34;当我谷歌它时我得到的但是这看起来并不正确。有人可以帮忙吗?

2 个答案:

答案 0 :(得分:0)

您可以使用其他查询来简化:

$sql = mysql_query("SELECT * FROM data WHERE user = '" . mysql_real_escape_string($username) . "'");

然后你可以用这个来处理。

请注意,您不应该使用MySQL驱动程序,因为它已被弃用,而是使用MySQLi(mproved)。你应该逃避POSTed值,这非常重要!

答案 1 :(得分:0)

  1. 您的上一个else语句正在尝试回显HTML。
  2. 您应该使用mysqliPDO,因为不推荐使用mysql。

    <?php  //Start the Session
    session_start();
    // require('connect.php');
    // Establish connection with database
    $con=mysqli_connect("localhost","root","","test");
    // Check connection
    if (mysqli_connect_errno()){ echo "Failed to connect to MySQL: " . mysqli_connect_error(); }
    //3. If the form is submitted or not.
    //3.1 If the form is submitted
    if (isset($_POST['username']) and isset($_POST['password'])){
      //3.1.1 Assigning posted values to variables.
      $username = $_POST['username'];
      $password = $_POST['password'];
      //3.1.2 Checking the values are existing in the database or not
      $query = "SELECT * FROM `people` WHERE username='$username' and password='$password'";
    
      $result = mysqli_query($con,$query) or die(mysqli_error());
      $count = mysqli_num_rows($result);
      //3.1.2 If the posted values are equal to the database values, then session will be created for the user.
      if ($count == 1){
        $_SESSION['username'] = $username;
          echo "Valid";
      }else{
        //3.1.3 If the login credentials doesn't match, he will be shown with an error message.
        echo "Invalid Login Credentials.";
      }
    }
    
    //3.1.4 if the user is logged in Greets the user with message
    if (isset($_SESSION['username'])){
      $username = $_SESSION['username'];
      echo "Hi " . $username . "! ";
      echo "This is the results of your inquiry.<br><br>";
    

    echo&#34;用户名:$ username
    &#34 ;; echo&#34;会话用户名:&#34;。$ _ SESSION [&#39;用户名&#39;];

    //这是我假设新查询需要去的地方。 //查询名为&#34; data&#34;的另一个表并根据之前放入的$ username选择信息

    回声&#34;


    注销&#34 ;;

    }else{
      //3.2 When the user visits the page first time, simple login form will be displayed.
    }
    ?>
    <!DOCTYPE html>
    
    <html>
    <head>
      <title>Lab Sign In Page</title>
      <link rel="stylesheet" type="text/css" href="style.css">
    </head>
    
    <body>
      <!-- Form for logging in the users -->
    
      <div class="register-form">
        <?php
            if(isset($msg) & !empty($msg)){
                echo $msg;
            }
         ?>
    
        <h1>Login</h1>
    
        <form action="test.php" method="post">
          <p><label>User Name :</label> <input id="username" type="text" name="username" placeholder=
          "username"></p>
    
          <p><label>Password   :</label> <input id="password" type="password" name="password"
          placeholder="password"></p><a class="btn" href="register.php">Signup</a> <input class=
          "btn register" type="submit" name="submit" value="Login">
        </form>
      </div>
    </body>
    </html>