我有一个项目需要使用php和mySQL为给定场景创建系统。另一个要求是它必须为不同的用户登录。
在我的实现中,即使使用正确的凭据也无法进行身份验证。我正在使用mysqli进行此实现。没有语法错误,字段名称和输入的凭据都是正确的。
有问题的代码(login.php):
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Please enter a username and password";
} else {
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
// Calls the 'connect.php' to connect to the database and select the database
require 'db/connect.php';
// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
// SQL query to fetch information of registerd users and finds user match.
$result = $db->query("SELECT * FROM `users` WHERE 'usr_pwd'='$password' AND 'usr_name'='$username'");
if ($result->num_rows == 1) {
$_SESSION['login_user']=$username; // Initializing Session
header("location: test.php"); // Redirecting To Other Page
} else {
$error = "Username or Password is invalid";
}
mysqli_close($db); // Closing Connection
}
}
?>
我还将github repo链接到我的代码:https://github.com/gussippi/furniture-store