因此,当我登录时,使用正确的ID和密码,它只会显示为“错误的ID或密码”。不知道为什么会这样。我弄错了吗?或者是别的什么?请帮忙......谢谢。我只是想说,当注册密码被加密并使用“crypt”存储时。在定义$ pw时我是否需要定义 - 这就是为什么它不起作用?
UPDATE = I used this tutorial/website
process_login.php
<?php
$host="localhost"; // Host name
$username="*******"; // Mysql username
$password="*******"; // Mysql password
$db_name="*******"; // Database name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$id=$_POST['ID'];
$pw=$_POST['Password'];
// To protect MySQL injection (more detail about MySQL injection)
$id = stripslashes($id);
$pw = stripslashes($pw);
$id = mysql_real_escape_string($id);
$pw = mysql_real_escape_string($pw);
$sql="SELECT * FROM User WHERE ID='$id' and Password='$pw'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $id and $pw, table row must be 1 row
if($count==1){
$result=mysql_fetch_array($result);
$st = $result['Status'];
//page link on the basis of user Status you can add more condition on the basis of ur roles in db
if($st == '0'){
$link = 'menu_user.php';
}
elseif($st == '1'){
$link = 'menu_staff.php';
}
elseif($st == '2'){
$link = 'menu_admin.php';
}
// session Register $id, $pw and redirect
$_SESSION["ID"] = $id;
$_SESSION["Password"] = $pw;
$_SESSION["Status"] = $st;
header("Location: ".$link."");
}
else {
echo "Wrong ID or Password";
echo"<META HTTP-EQUIV='Refresh' Content='2; URL=http://******/index.php'>";
}
?>