我正在使用php和mysql编写注册和登录程序。注册部分工作正常,但当我尝试使用有效凭据登录时,根据注册时存储的deatils,我仍然得到无效的注册码和密码。这是代码:
<?php
session_start();
require_once 'dbconnect.php';
if (isset($_SESSION['userSession'])!="") {
header("Location: studentportal.html");
exit;
}
if (isset($_POST['btn-login'])) {
$Regnumber = strip_tags($_POST['Regnumber']);
$Password = strip_tags($_POST['Password']);
$Regnumber = $DBcon->real_escape_string($Regnumber);
$Password = $DBcon->real_escape_string($Password);
$query = $DBcon->query("SELECT Sessionid, Regnumber, Password FROM regstudents WHERE Regnumber='$Regnumber'");
$row=$query->fetch_array();
$count = $query->num_rows; // if email/password are correct returns must be 1 row
if (password_verify($Password, $row['Password']) && $count==1) {
$_SESSION['userSession'] = $row['Sessionid'];
header("Location: home.php");
} else {
$msg = "<div class='alert alert-danger'>
<span class='glyphicon glyphicon-info-sign'></span> Invalid Regnumber or Password !
</div>";
}
$DBcon->close();
}
?>