用session(PHP)显示sql查询

时间:2017-11-30 17:12:42

标签: php mysql sql

我正在使用会话和SQL的登录功能, 在我的sql中有一个名为first name的列,我试图找出如何在登录之后显示Hello $ firstname哪个不能正常工作 而不是Hello $用户名,它正在工作并显示用户名。 谢谢你的帮助。

<?php 
session_start();
require('connect.php');
if (isset($_POST['username']) and isset($_POST['password']) and isset($_POST['firstname'])){

    $username = $_POST['username'];
    $password = $_POST['password'];

    $query = "SELECT * FROM `user` WHERE username='$username' and password='$password'";
    $result = mysqli_query($connection, $query) or die(mysqli_error($connection));
    $count = mysqli_num_rows($result);

    if ($count == 1){
        $_SESSION['username'] = $username;
    }
    else{
        $fmsg = "Invalid Login Credentials.";
    }
}

if (isset($_SESSION['username'])){
    $username = $_SESSION['username'];
    echo "Hello " . $username . "
    ";
    echo "This is the Members Area
    ";
    echo "<a href='logout.php'>Logout</a>";

}else
    header('location: login.php');
?>

3 个答案:

答案 0 :(得分:0)

您的问题很难回答,因为它有太多问题需要您付出代价。代码写得不好,易受攻击,而且更多。

请接受我的建议,并按照简单的教程如何创建更好的登录系统。

链接:https://www.tutorialrepublic.com/php-tutorial/php-mysql-login-system.php

更新,因为OP确实想要回答他的问题:

首先检查您是否实际发布了“名字”:

echo "<pre>";
var_dump($_POST);

如果你是,那么你需要存储“名字”:

$firstname = $_POST['firstname'];

在查询结果中:

if ($count == 1){
$_SESSION['firstname'] = $firstname;
}

然后你可以这样做:

echo "Hello " . $firstname . "

注意:我只给你一个解决方案,因为你真的想要它。您的代码非常脆弱且编写得很糟糕。另外,你在我回答时编辑了这个问题......:)

答案 1 :(得分:0)

<?php 
session_start();
require('connect.php');
if (isset($_POST['username']) and isset($_POST['password']) and isset($_POST['firstname']))
{
  $query = "SELECT * FROM `user` WHERE username='".trim($_POST['username'])."' and password='".trim($_POST['password'])."'";
  $result = mysqli_query($connection, $query) or die(mysqli_error($connection));
  $count = mysqli_num_rows($result);
  if ($count == 1)
  {
    //store the data which is neccessary
    $_SESSION['username'] = trim($_POST['username']);
    $_SESSION['firstname'] = trim($_POST['firstname']);
  }
  else
  {
    $fmsg = "Invalid Login Credentials.";
  }
}
if(isset($_SESSION['username']))
{
  echo "Hello " . $_SESSION['firstname']." . You are just logged in.<br>";
  echo "This is the Members Area";
  echo "<a href='logout.php'>Logout</a>";
}
else
  header('location: login.php');
?>

注意:使用一些密码加密来加密n个解密密码以维护用户隐私(例如,md5)

答案 2 :(得分:0)

<?php 
session_start();
 require('connect.php');
if (isset($_POST['username']) and isset($_POST['password']) and isset($_POST['firstname'])){

$username = $_POST['username'];
$password = $_POST['password'];
$firstname = $_POST['firstname'] // you need to assign it to first name here

$query = "SELECT * FROM `user` WHERE username='$username' and password='$password'";
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);

if ($count == 1){
$_SESSION['username'] = $username;
$__SESSION['firstname'] = $firstname; // you can store first name in seesion if you want here
}
else{

$fmsg = "Invalid Login Credentials.";
}
}

if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
$firstname = $_SESSION['firstname']; // you ofcourse can assign $firstname again here
echo "Hello " . $username ; // you don't need the appending ." ";
echo "Hello " . $firstname ; // can echo $firstname succesfully here
echo "This is the Members Area
";
echo "<a href='logout.php'>Logout</a>";

}else
header('location: login.php');
?>

现在,您可以从其他答案和评论中获取建议,并查看代码中的漏洞。

相关问题
最新问题