我创建了此登录页面,用于检查输入的用户名和密码是否与users表中的记录匹配。但每当我点击提交按钮时,都没有任何反应。错误是什么?这是我的代码:
<?php
session_start();
include 'dbconnect.php';
if (isset($_POST['submit'])) {
if (isset($_POST['tsmUsername'])) {
$username=$_POST['tsmUsername'];
$_SESSION['tsmUserName']=$username;
$password=$_POST['tsmPassword'];
$sql="SELECT * FROM users cust_registration WHERE custName='$username' AND custPass='$password' LIMIT 1";
$result=mysql_query($dbconnect,$sql);
if(mysql_num_rows($result)==1)
{
echo "You have successfully logged in";
}
else{
echo "Invalid";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title> THE CAR PARK</title>
<centre><div class="a1">
<h3 style="color:crimson" align="centre"> WELCOME TO THE </h3>
</div></centre>
<centre> <div class="a2">
<h1 style="color:crimson" align="centre"> PARK MARK </h1>
</div></centre>
<hr> <br>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Coding Cage - Login & Registration System</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body background="user4.png" height="auto" width="auto" bgcolor = "#FFFFFF">
<div class="form">
<div class="container">
<div align="center" id="login-form">
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" autocomplete="off">
<div class="col-md-12">
<div class="form-group">
<h2 style="color:crimson" class="">LOGIN</h2>
</div>
<div class="form-group">
<hr />
</div>
<?php
if ( isset($errMSG) ) {
?>
<div class="form-group">
<div class="alert alert-<?php echo ($errTyp=="success") ? "success" : $errTyp; ?>">
<span class="glyphicon glyphicon-info-sign"></span> <?php echo $errMSG; ?>
</div>
</div>
<?php
}
?>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
<centre><p style="color:crimson">Username</p> <input type="text" name="tsmUsername" class="form-control" placeholder="Enter Name" maxlength="50" value="<?php echo $name ?>" /></centre>
</div>
<span class="text-danger"><?php echo $nameError; ?></span>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></span>
<centre><p style="color:crimson">Password</p><input type="password" name="tsmPassword" class="form-control" placeholder="Enter Password" maxlength="15" /></centre>
</div>
<span class="text-danger"><?php echo $passError; ?></span>
</div>
<div class="form-group">
<hr />
</div>
<tr> <div class="form-group">
<centre><button type="submit" class="btn btn-block btn-primary" name="submit">log in</button></centre>
</div>
<div class="hd5">
<button><a href="welcome.php">Back To Home>></a></button>
<button><a href="cust_register.php">Customer registration</a></button>
<button><a href="location.php">Location</a></button>
<button><a href="parking.php">Parking</a></button>
<button><a href="accounts.php">Accounts</a></button>
</div>
<hr />
</tr>
</div>
</form>
</div>
</div>
</div>
</body>
<header>
<h5 align="right" style=color:antiquewhite>Designed by: john</h5>
</header>
</html>
<?php ob_end_flush(); ?>
答案 0 :(得分:2)
最后,经过多次评论......(我注意到以下内容):
$result=mysql_query($dbconnect,$sql);
您需要反转这两个变量:
$result=mysql_query($sql, $dbconnect);
mysql_中的连接排在第二位,而不是第一位。
我也不会重复包括我在内的所有人在评论中已经说过的内容。
修改
这里有一个快速重写mysqli_来帮助你。
<?php
error_reporting( ~E_DEPRECATED & ~E_NOTICE );
define('DBHOST', 'localhost');
define('DBUSER', 'root');
define('DBPASS', '');
define('DBNAME', 'car_park');
$conn = mysqli_connect(DBHOST, DBUSER, DBPASS, DBNAME);
if ( !$conn ) { die("Connection failed : " . mysqli_error($conn)); }
?>
<?php
session_start();
// place the db connection stuff above inside your dbconnect.php after
// include 'dbconnect.php';
if (isset($_POST['submit'])) {
if (!empty($_POST['tsmUsername'])) {
$username=$_POST['tsmUsername'];
$_SESSION['tsmUserName']=$username;
$password=$_POST['tsmPassword'];
$sql="SELECT * FROM users cust_registration
WHERE custName='$username'
AND custPass='$password' LIMIT 1";
$result=mysqli_query($conn,$sql);
} // brace for if (!empty($_POST['tsmUsername']))
if($result){
if(mysqli_num_rows($result)>0)
{
echo "You have successfully logged in";
}
else{
echo "Invalid";
}
} // brace for if($result)
else {
echo "The query failed: " . mysqli_error($conn);
}
}
?>
但是为此使用预准备语句,您的代码对SQL注入开放,并且password_hash()已在注释中说明。它只是很有道理,特别是在这个时代。
如果您仍然想要使用mysql_ API:
dbconnect.php:
<?php
error_reporting( ~E_DEPRECATED & ~E_NOTICE );
define('DBHOST', 'localhost');
define('DBUSER', 'root');
define('DBPASS', '');
define('DBNAME', 'car_park');
$conn = mysql_connect(DBHOST,DBUSER,DBPASS);
$dbcon = mysql_select_db(DBNAME, $conn);
if ( !$conn ) { die("Connection failed : " . mysql_error($conn)); }
if ( !$dbcon ) { die("Database Connection failed : " . mysql_error($conn)); }
?>
PHP / MySQL:
<?php
session_start();
// Put the above codes in the dbconnect.php file
include 'dbconnect.php';
if (isset($_POST['submit'])) {
if (!empty($_POST['tsmUsername'])) {
$username=$_POST['tsmUsername'];
$_SESSION['tsmUserName']=$username;
$password=$_POST['tsmPassword'];
$sql="SELECT * FROM users cust_registration
WHERE custName='$username'
AND custPass='$password' LIMIT 1";
$result=mysql_query($sql, $conn);
if($result){
echo "OK, the query did not fail.";
}
else{
echo "The query failed: " . mysql_error($conn);
}
if(mysql_num_rows($result)>0)
{
echo "You have successfully logged in";
}
else{
echo "Invalid";
}
}
}
?>
答案 1 :(得分:0)
mysql_select_db($dbconnect);
mysql_query($sql);
或
mysqli_query($dbconnect, $sql);