我刚刚开始学习PHP而我似乎无法工作,这样就不会welcome.php请帮忙吗?谢谢你的帮助,因为我已经把我的想法放在了这一点:(
$user=$_POST['user'];
$pass=$_POST['pass'];
$que ="SELECT * FROM users WHERE username='$user' and password='$pass'";
$res=mysql_query($que);
$c=mysql_num_rows($res);
if($c==1){
$_SESSION['user'] = $user;
header("location: welcome.php");
}
else {
header("location: empty.php");
}
?>
<form name="myform" method="POST" action="login.php">
<input name="username" type="text" id="username">
<input name="pass" input type="password" id="pass">
<input type="submit" name="Submit" value="Login">
</form>
答案 0 :(得分:1)
请试试这个:
<?php
session_start(); // You need this if you use a session
$user = mysql_escape_string($_POST['user']); // Defend from SQL Injection
$pass = mysql_escape_string($_POST['pass']);
if(isset($_POST['Submit']))
{
$que = "SELECT * FROM users WHERE username='$user' and password='$pass';";
$res = mysql_query($que);
$c = mysql_num_rows($res);
if($c==1){ // if you want use a session you need add session_start();
$_SESSION['user'] = $user;
header("location: welcome.php");
}
else {
header("location: empty.php");
}
}
?>
<form name="myform" method="POST" action="login.php">
<input name="username" type="text" id="username">
<input name="pass" type="password" id="pass">
<input type="submit" name="Submit" value="Login">
</form>
答案 1 :(得分:0)
如果你已经正确使用了session_start();已经提到你已经搞砸了,我会为你发帖,所以你可以复制/粘贴并亲自看看:)此外,小心SQL { {1}}研究Injection/XSS
PDO/msqli