登录后查询另一个表

Question

这看起来应该很简单，但我已经尝试过各种方式，而且似乎无法让它发挥作用。

我有这个登录脚本，我从在线教程改编。我想要做的是让用户使用用户名和密码登录，如果这些是正确的，请将他们的实验室结果发送到另一个表（相同的数据库）并显示它们。我可以让它登录，但就是这样。这是登录代码：

<?php  //Start the Session
session_start();
 require('connect.php');
//3. If the form is submitted or not.
//3.1 If the form is submitted
if (isset($_POST['username']) and isset($_POST['password'])){
//3.1.1 Assigning posted values to variables.
$username = $_POST['username'];
$password = $_POST['password'];
//3.1.2 Checking the values are existing in the database or not
$query = "SELECT * FROM `user` WHERE username='$username' and password='$password'";

$result = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($result);
//3.1.2 If the posted values are equal to the database values, then session will be created for the user.
if ($count == 1){
$_SESSION['username'] = $username;
}else{
//3.1.3 If the login credentials doesn't match, he will be shown with an error message.
echo "Invalid Login Credentials.";
}
}
//3.1.4 if the user is logged in Greets the user with message
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Hi " . $username . "! ";
echo "This is the results of your inquiry.<br><br>";




/*This is where I'm assuming the new query needs to go.
Query a different table named "data"  and pick out information according to 
$username which was put in earlier */




echo "<br><a href='logout.php'>Logout</a>";

}else{
//3.2 When the user visits the page first time, simple login form will be displayed.
?>
<!DOCTYPE html>

<html>
<head>
  <title>Lab Sign In Page</title>
  <link rel="stylesheet" type="text/css" href="style.css">
</head>

<body>
  <!-- Form for logging in the users -->

  <div class="register-form">
    <?php
        if(isset($msg) & !empty($msg)){
            echo $msg;
        }
     ?>

    <h1>Login</h1>

    <form action="" method="post">
      <p><label>User Name :</label> <input id="username" type="text" name="username" placeholder=
      "username"></p>

      <p><label>Password   :</label> <input id="password" type="password" name="password"
      placeholder="password"></p><a class="btn" href="register.php">Signup</a> <input class=
      "btn register" type="submit" name="submit" value="Login">
    </form>
  </div><?php }


   ?>
</body>
</html>

A＆＃34;加入＆＃34;当我谷歌它时我得到的但是这看起来并不正确。有人可以帮忙吗？

Answer 1

您可以使用其他查询来简化：

$sql = mysql_query("SELECT * FROM data WHERE user = '" . mysql_real_escape_string($username) . "'");

然后你可以用这个来处理。

请注意，您不应该使用MySQL驱动程序，因为它已被弃用，而是使用MySQLi（mproved）。你应该逃避POSTed值，这非常重要！

Answer 2

1. 您的上一个else语句正在尝试回显HTML。

2. 您应该使用mysqli或PDO，因为不推荐使用mysql。

   <?php  //Start the Session
   session_start();
   // require('connect.php');
   // Establish connection with database
   $con=mysqli_connect("localhost","root","","test");
   // Check connection
   if (mysqli_connect_errno()){ echo "Failed to connect to MySQL: " . mysqli_connect_error(); }
   //3. If the form is submitted or not.
   //3.1 If the form is submitted
   if (isset($_POST['username']) and isset($_POST['password'])){
     //3.1.1 Assigning posted values to variables.
     $username = $_POST['username'];
     $password = $_POST['password'];
     //3.1.2 Checking the values are existing in the database or not
     $query = "SELECT * FROM `people` WHERE username='$username' and password='$password'";
   
     $result = mysqli_query($con,$query) or die(mysqli_error());
     $count = mysqli_num_rows($result);
     //3.1.2 If the posted values are equal to the database values, then session will be created for the user.
     if ($count == 1){
       $_SESSION['username'] = $username;
         echo "Valid";
     }else{
       //3.1.3 If the login credentials doesn't match, he will be shown with an error message.
       echo "Invalid Login Credentials.";
     }
   }
   
   //3.1.4 if the user is logged in Greets the user with message
   if (isset($_SESSION['username'])){
     $username = $_SESSION['username'];
     echo "Hi " . $username . "! ";
     echo "This is the results of your inquiry.<br><br>";
   

   echo＆＃34;用户名：$ username
   ＆＃34 ;; echo＆＃34;会话用户名：＆＃34;。$ _ SESSION [＆＃39;用户名＆＃39;];

   //这是我假设新查询需要去的地方。 //查询名为＆＃34; data＆＃34;的另一个表并根据之前放入的$ username选择信息

   回声＆＃34;

   
   注销＆＃34 ;;

   }else{
     //3.2 When the user visits the page first time, simple login form will be displayed.
   }
   ?>
   <!DOCTYPE html>
   
   <html>
   <head>
     <title>Lab Sign In Page</title>
     <link rel="stylesheet" type="text/css" href="style.css">
   </head>
   
   <body>
     <!-- Form for logging in the users -->
   
     <div class="register-form">
       <?php
           if(isset($msg) & !empty($msg)){
               echo $msg;
           }
        ?>
   
       <h1>Login</h1>
   
       <form action="test.php" method="post">
         <p><label>User Name :</label> <input id="username" type="text" name="username" placeholder=
         "username"></p>
   
         <p><label>Password   :</label> <input id="password" type="password" name="password"
         placeholder="password"></p><a class="btn" href="register.php">Signup</a> <input class=
         "btn register" type="submit" name="submit" value="Login">
       </form>
     </div>
   </body>
   </html>