在此代码中,当我在登录面板中输入错误密码时,会显示错误消息“您的帐户已被管理员停用。请联系管理员”,但应显示“您的手机或密码无效。请重新登录!” if条件是否有任何错误,请任何人对此提供帮助。
<?php
include("../includes/db.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$mobile = mysqli_real_escape_string($con,$_POST['mobile_l']);
$mypassword = mysqli_real_escape_string($con,$_POST['password']);
$sql = "SELECT * FROM agent_profile WHERE mobile = '$mobile' and password = '$mypassword'";
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$count = mysqli_num_rows($result);
$status = $row['status'];
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1 && $status==1) {
$_SESSION['login_user'] = $mobile;
header("location: donor_list.php");
}
elseif($status==0)
{
$error="Your Account is deactivated by admin. Please contact Admin";
}
else {
$error = "Your Mobile or Password is invalid. Login Again!";
}
}
?>
答案 0 :(得分:1)
您的逻辑是错误的。管理员停用帐户后,您必须拥有$count=1,如果找不到任何记录,则意味着db中没有记录,$count应该为{{ 1}},并且由于您正在向0强制分配某些内容,因此在没有记录时,它可能会为其分配$status。因此,要区分第二个和第三个条件,请将0更改为elseif($status==0)
答案 1 :(得分:0)
问题出在行中
elseif($status==0)
由于仅使用两个=符号,因此即使status为null(找不到行)也将为true。您可以通过先检查计数是否为1或使用三个等号来检查类型差异来解决此问题。 IMO最好的解决方案是首先检查是否有任何结果,然后再进行进一步检查,如下所示:
if ($count == 1){
if ($status == 1){
$_SESSION['login_user'] = $mobile;
header("location: donor_list.php");
}else{
$error="Your Account is deactivated by admin. Please contact Admin";
}
}else{
$error = "Your Mobile or Password is invalid. Login Again!";
}