登录页面和注册之间的连接

时间:2018-04-21 02:03:38

标签: php mysql mysqli

我是php的新手,我正在尝试链接登录页面和注册页面。一旦我按下登录按钮,它就会直接进入链接页面,尽管我输入了错误的密码。

我尝试通过mysqlinumrows来解决它。登录后的结果仍在登录页面中。我试图解决它,但不能。我希望有人能帮助我减轻压力,因为我知道自己在下面的代码中的错误。

代码:

<?php
    session_start();
    $_SESSION['message'] = '';
    $mysqli=new MySQLi('127.0.0.1','root','','accounts');

    if($_SERVER["REQUEST_METHOD"] == "POST") {
        if ($_POST['password']== $_POST['confirmpassword']) {

            $username = $mysqli->real_escape_string($_POST['username']);
            $email = $mysqli->real_escape_string($_POST['email']);
            $password = md5($_POST['password']);
            $profile_path = $mysqli->real_escape_string('images/'.$_FILES['profile']['name']);


            if (preg_match("!image!", $_FILES['profile']['type'])) {

                if (copy($_FILES['profile']['tmp_name'],$profile_path)){
                    $_SESSION['username'] =$username;
                    $_SESSION['profile'] =$profile_path;

                    $sql ="INSERT INTO users(username,email,password,profile)"
                    ."VALUES ('$username','$email','$password','$profile_path')";       

                    if($mysqli->query($sql)=== true) {
                              $_SESSION['message'] =  'Registration successful!
                              Added $username to the database!';
                         header("location:RegisterLogin.php");
                          }
                          else {
                              $_SESSION['message'] = "User could not be added to the database!";
                }
            }
            else{
                $_SESSION['message'] = "file failed!";

            }
            }
            else {
                $_SESSION['message'] = "Please only upload GIF,JPG, or PNG images!";
        }
        }
        else{
            $_SESSION['message'] = "two password do not match!";
        }
        }

    ?> 

    (Login Form)
    <?php 
    session_start();
    $_SESSION['message']=''; 
    $mysqli=new MySQLi('127.0.0.1','root','','accounts');


    if(isset($_POST['username'])) {
        $username = $mysqli->real_escape_string($_POST['username']);
            $password = md5($_POST['password']);
            $sql="SELECT * FROM users WHERE  username ='$username' AND password=$password";
            $result = mysqli_query($mysqli,$sql);

            if(mysqli_affected_rows($result) == 1){
                  $_SESSION['username'] = $username;
                 $_SESSION['message'] =  "Registration successful!";
        header("location:Welcome.php");
        }
        else{
            $_SESSION['message'] = "Login Failed!"; 
        }
    }
    ?>

2 个答案:

答案 0 :(得分:1)

首先,您必须拥有表单标记。试试这种格式

&#13;
&#13; 
<form action="" method="post">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="submit" name="login">
</form>
&#13;
&#13;
&#13;

对于您的PHP代码:

&#13;
&#13; 
    if(isset($_POST['login'])) {
            $username = $mysqli->real_escape_string($_POST['username']);
            $password = md5($_POST['password']);
            $sql="SELECT * FROM users WHERE  username ='$username' AND password=$password";
            $result = mysqli_query($mysqli,$sql);

            if(mysqli_affected_rows($result) == 1){
                  $_SESSION['username'] = $username;
                 $_SESSION['message'] =  "Registration successful!";
        header("location:Welcome.php");
        }
        else{
            $_SESSION['message'] = "Login Failed!"; 
        }
    }
&#13;
&#13;
&#13;

如果不是您的问题,请在下方发表评论。我会帮助你。

答案 1 :(得分:0)

将登录页面中的select查询更正为$sql="SELECT * FROM users WHERE username ='$username' AND password='$password' ";将单引号添加到密码变量

相关问题
最新问题