我正在写一个登录系统,用户输入他的电子邮件和密码,脚本检查它是否在数据库中,然后检查密码。我的问题是,它仅检查第一个值,其他值将被忽略。如何在数据库中完成循环,然后如果不成功则转到else部分?
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
session_start();
$host = htmlspecialchars($_SERVER["HTTP_HOST"]);
$uri = rtrim(dirname(htmlspecialchars($_SERVER["PHP_SELF"])), "/\\");
require_once "db_daten_aktuell.php";
if (isset($_POST['email']) && ($_POST['passwort']))
{
if ($stmt = $mysqli->prepare("SELECT vorname, email, password FROM gast"))
{
$stmt->execute();
$stmt->bind_result($vorname, $email, $password);
while ($stmt->fetch())
{
if ($_POST['email'] == $email)
{
if ($_POST['passwort'] == $password){
$_SESSION["name"] = $vorname;
$_SESSION["login"] = "ok";
$extra = "willkommen.php";
}
}
else
{
$extra = "start.php?f=1";
}
$stmt->close();
}
$mysqli->close();
}
}
header("Location: http://$host$uri/$extra");
?>
答案 0 :(得分:1)
尝试更改此部分
if ($stmt = $mysqli->prepare("SELECT vorname, email, password FROM gast"))
{
$stmt->execute();
到
if ($stmt= $mysqli->prepare("SELECT vorname, email, password FROM gast WHERE email=? AND password=?"));
$stmt->bind_param("ss", $_POST['email'] ,$_POST['passwort']);
$stmt->execute();
这样您可以先比较电子邮件和密码,然后根据要求进行其他比较。如果还有其他问题,请告诉我