php检查并使用mysql数据库验证表单输入

时间:2016-03-31 04:37:03

标签: php mysql validation input compare

基本上我有这个表格,要求提供电子邮件和密码。

我想要做的是比较并检查输入是否与我的表/数据库中的数据匹配。

这是我的 registration.php(表单) 

<form action="Authentication.php" method="post">

    <b>Returning Intern Login</b><br/><br/>
    Enter your e-mail address: <input type="text" name="email" /><br/><br/>
    Enter your password: <input type="password" name="pw2"/><br/><i>(Passwords are case-sensitive and must be 6 characters long)</i><br/><br/>

    <input type="reset" value="Reset Login Form" />
    <input type="submit" name="submit2" value="Log In" /><hr/><br/>

</form>

这是 Authentication.php 

session_start();

$link = mysqli_connect('localhost','root','');
$database = mysqli_select_db($link,'internship');

$user = $_POST['email'];
$pass = $_POST['pw2'];


// User is logging in
if (isset($_POST["submit2"]))
{
    if (empty ($user)) //if username field is empty echo below statement
    {
        echo "<font color='red'>***You must enter your unique username (email).***</font><br/><br/>";

    }
    if (empty ($pass)) //if password field is empty echo below statement
    {
        echo "<font color='red'>***You must enter your unique password.***</font><br/><br/>";
    }

}
else
{   

    $query = "SELECT * FROM Interns WHERE email = '". mysqli_real_escape_string($link,$user) ."' AND password = '". mysqli_real_escape_string($link,$pass) ."'" ;
    $result = mysqli_query($link,$query);
    if (mysqli_num_rows($result) == 1) 
    {
        echo "pass"; //Pass, do something
    } 
    else 
    {
        echo "fail"; //Fail
    }

}

session_write_close();

它适用于空输入。

但是当我从数据库/表格中提供完全相同的电子邮件和密码时,

显示白色空白页..

2 个答案:

答案 0 :(得分:2)

您需要在if语句中编写整个代码以确保填写字段,如下所示:

 if (isset($_POST["submit2"]))
 {
    if (empty ($user)) //if username field is empty echo below statement
     {
       /* Code */

     }
     if (empty ($pass)) //if password field is empty echo below statement
     {
       /* Code */
     }

     $query = "SELECT * FROM Interns WHERE email = '". mysqli_real_escape_string($link,$user) ."' AND password = '". mysqli_real_escape_string($link,$pass) ."'" ;
     $result = mysqli_query($link,$query);
     if (mysqli_num_rows($result) == 1) 
      {
        echo "pass"; //Pass, do something
      } 
       else 
      {
        echo "fail"; //Fail
      }

 }
 else
 {
     echo "Empty input submit2"; // empty $_POST["submit2"]
 }

希望这有帮助。

答案 1 :(得分:0)

Mysqli有4个参数hostnameusernamepassworddbname

<?php
    session_start();

    $link = mysqli_connect('localhost','root','','internship');





    // User is logging in
    if (isset($_POST["submit2"]))
    {
    $user = $_POST['email'];
    $pass = $_POST['pw2'];
        if (empty($user)) //if username field is empty echo below statement
        {
            echo "<font color='red'>***You must enter your unique username (email).***</font><br/><br/>";

        }
        else if (empty ($pass)) //if password field is empty echo below statement
        {
            echo "<font color='red'>***You must enter your unique password.***</font><br/><br/>";
        }   
    else
    {   
   $query = "SELECT * FROM Interns WHERE email = '". $user ."' AND password = '".$pass."'" ;
        $result = mysqli_query($link,$query);
        if (mysqli_num_rows($result) == 1) 
        {
            echo "pass"; //Pass, do something
        } 
        else 
        {
            echo "fail"; //Fail
        }

    }

    session_write_close();
    ?>
相关问题
最新问题