Question

经过大量的汗水和挣扎，我设法让它工作〜不知何故〜。虽然我不知道如何根据用户先前输入的密码来编程将检查用户姓名的内容。有帮助吗？我想将名称设置为会话名称或其他内容，我认为这更安全。

<?php
ob_start();
session_start(); 
$host="localhost";
$user="x";
$pass="x";
$db="x";
$tbl_name="users";

$mysqli = mysqli_connect($host, $user, $pass, $db);

$mypassword=$_POST['code'];

$mypassword = stripslashes($mypassword);
$mypassword = $mysqli->real_escape_string($mypassword);
$encrypt_password=md5($mypassword);

$sql="SELECT * FROM $tbl_name WHERE password='$encrypt_password'";
$result=$mysqli->query($sql);

$count=mysqli_num_rows($result);

if($count==1) {



$_SESSION['mypassword']="$mypassword";
header("index/index.php");

}   
}
?>

Answer 1

您好需要将查询编辑为以下内容：

 $sql="SELECT * FROM $tbl_name WHERE password='$encrypt_password' AND `username`='$myusername'";

    As if you have 
    $count=mysqli_num_rows($result);

    if($count==1) {
    // it means your user is in a db and it could be marked as logged in

     header("Location: index/index.php");
    }

Answer 2

获取查询返回的行并从中获取用户名。

if ($count == 1) {
    $row = $result->fetch_assoc();
    $_SESSION['username'] = $row['username'];
    header("Location: index/index.php");
}

如何从数据库中获取用户名？ MYSQLI新手

2 个答案: