我有一个登录表单,用户可以通过该表单登录该网站。我正在检查用户名和密码是否匹配。如果匹配,则用户将被重定向到网站,但如果不匹配,则表单的上半部分将显示错误消息。
为此,我将错误消息存储在变量中,然后将其打印到表单的上半部分。但它没有获得变量的价值。代码如下:
<?php
$link = mysqli_connect("localhost", "root", "", "youtube_project");
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Login Form</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="login">
<div class="login-triangle"></div>
<h2 class="login-header">Log in</h2>
<form class="login-container" name="form1" action="" method="post">
<p style="color:red;"><?php if(isset($msg)){ echo $msg; } //Printing error msg, but couldn't get it ?></p>
<p><input type="text" placeholder="Username" name="username" required></p>
<p><input type="password" placeholder="Password" name="pwd" required></p>
<p><input type="submit" name="submit1" value="Log in"></p>
</form>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<?php
if(isset($_POST['submit1'])){
$username = mysqli_real_escape_string($link, $_POST['username']);
$pwd = mysqli_real_escape_string($link, $_POST['pwd']);
$sql = mysqli_query($link, "SELECT * FROM admin_login WHERE username='$username' && password='$pwd'");
if(mysqli_num_rows($sql) >= 1){
?>
<script type="text/javascript">
window.location="demo.php";
</script>
<?php
} else {
$msg = "Invalid Username/Password combination"; //Storing error msg
}
}
?>
</body>
</html>
答案 0 :(得分:3)
您需要将PHP代码移到顶部,以便设置或取消设置变量$msg。
以下是格式化的更新代码:
<?php
$link = mysqli_connect("localhost", "root", "", "youtube_project");
if(isset($_POST['submit1'])){
$username = mysqli_real_escape_string($link, $_POST['username']);
$pwd = mysqli_real_escape_string($link, $_POST['pwd']);
$sql = mysqli_query($link, "SELECT * FROM admin_login WHERE username='$username' AND password='$pwd'");
if(mysqli_num_rows($sql) >= 1){
?>
<script type="text/javascript">
window.location="demo.php";
</script>
<?php
} else {
$msg = "Invalid Username/Password combination"; //Storing error msg
}
}
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>
Login Form
</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="login">
<div class="login-triangle">
</div>
<h2 class="login-header">
Log in
</h2>
<form class="login-container" name="form1" action="" method="post">
<p style="color:red;">
<?php if(isset($msg)){ echo $msg; } //Printing error msg, but couldn't get it ?></p>
<p>
<input type="text" placeholder="Username" name="username" required>
</p>
<p>
<input type="password" placeholder="Password" name="pwd" required>
</p>
<p>
<input type="submit" name="submit1" value="Log in">
</p>
</form>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
</body>
</html>
我建议你永远不要存储纯文本密码!请使用PHP的built-in functions来处理密码安全性。
您 SQL Injections也非常开放,应该真正使用Prepared Statements。
答案 1 :(得分:1)
你必须在显示它之前先初始化php变量。所以你必须在顶部编写php部分。
<?php
$link = mysqli_connect("localhost", "root", "", "youtube_project");
?>
<?php
if(isset($_POST['submit1'])){
$username = mysqli_real_escape_string($link, $_POST['username']);
$pwd = mysqli_real_escape_string($link, $_POST['pwd']);
$sql = mysqli_query($link, "SELECT * FROM admin_login WHERE username='$username' && password='$pwd'");
if(mysqli_num_rows($sql) >= 1){
?>
<script type="text/javascript">
window.location="demo.php";
</script>
<?php
} else {
$msg = "Invalid Username/Password combination"; //Storing error msg
}
}
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Login Form</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="login">
<div class="login-triangle"></div>
<h2 class="login-header">Log in</h2>
<form class="login-container" name="form1" action="" method="post">
<p style="color:red;"><?php if(isset($msg)){ echo $msg; } //Printing error msg, but couldn't get it ?></p>
<p><input type="text" placeholder="Username" name="username" required></p>
<p><input type="password" placeholder="Password" name="pwd" required></p>
<p><input type="submit" name="submit1" value="Log in"></p>
</form>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
</body>
</html>
答案 2 :(得分:1)
我希望它可以提供帮助
<?php
$link = mysqli_connect("localhost", "root", "", "youtube_project");
if(isset($_POST['submit1'])){
$username = mysqli_real_escape_string($link, $_POST['username']);
$pwd = mysqli_real_escape_string($link, $_POST['pwd']);
$sql = mysqli_query($link, "SELECT * FROM admin_login WHERE username='$username' && password='$pwd'");
if(mysqli_num_rows($sql) >= 1){
?>
<script type="text/javascript">
window.location="demo.php";
</script>
<?php
} else {
$msg = "Invalid Username/Password combination"; //Storing error msg
}
}
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Login Form</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="login">
<div class="login-triangle"></div>
<h2 class="login-header">Log in</h2>
<form class="login-container" name="form1" action="" method="post">
<p style="color:red;"><?php if(isset($msg)){ echo $msg; } //Printing error msg, but couldn't get it ?></p>
<p><input type="text" placeholder="Username" name="username" required></p>
<p><input type="password" placeholder="Password" name="pwd" required></p>
<p><input type="submit" name="submit1" value="Log in"></p>
</form>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
</body>
</html>