如果内线中的语句逻辑似乎每次都错误地工作(即使输入了正确的现有用户名和密码)。我找不到原因。
代码:
<?php
$conn = new mysqli("localhost", "root", "", "customerdirectory");
if($conn->connect_error) {
echo("Connection Failed " . $conn->connect_error);
exit();
}
if(isset($_POST["user"], $_POST["pass"])) {
$username = stripslashes($_POST["user"]);
$username = mysqli_real_escape_string($conn,$username);
$password = stripslashes($_POST["pass"]);
$password = mysqli_real_escape_string($conn,$password);
$result = "SELECT * FROM customer WHERE name=='$username' AND password=='$password'";
**if($conn->query($result) === TRUE)**
echo("Successful login: ".$username);
else
echo("The username or password are incorrect!");
$conn->close();
};
?>
答案 0 :(得分:1)
成功
SELECT,SHOW,DESCRIBE或EXPLAIN查询mysqli_query()将返回mysqli_result个对象。对于其他 成功的查询mysqli_query()将返回TRUE。
由于您正在执行SELECT查询,因此您应该期待mysqli_result个对象而不是TRUE。如果你改变如下,应该工作:
if($conn->query($result))
echo("Successful login: ".$username);
else
echo("The username or password are incorrect!");
答案 1 :(得分:1)
您的查询错误。 mysql中没有==
使用此查询
$result = "SELECT * FROM customer WHERE name='$username'
AND password='$password'";
答案 2 :(得分:0)
MySQL(和其他SQL语言)不使用编程语言中的双等号语法。因此,您的查询应为column = value而不是column == value。
答案 3 :(得分:0)
坚持写name=='$username' AND password=='$password';尝试以下查询
select * from customer where name='$username' AND password='$password'";