我已经创建了2个用于管理员注册和登录的网页。在 registrationadmin.php 页面上注册管理员后,它说注册成功。一旦登录网页并输入正确的凭据,它会通知我用户名/密码不正确。当我检查数据库时,管理员注册的详细信息存储在admin表的数据库中。
有什么问题/如何解决?
登录管理员代码:
<?php
require('db.php');
session_start();
if (isset($_POST['admin_username'])){
$admin_username = stripslashes($_REQUEST['admin_username']);
$admin_username = mysqli_real_escape_string($con,$admin_username);
$admin_password = stripslashes($_REQUEST['admin_password']);
$admin_password = mysqli_real_escape_string($con,$admin_password);
$admin_password = md5($admin_password);
$query = "SELECT * FROM `admin` WHERE admin_username='$admin_username' and admin_password='".md5($admin_password)."'";
$result = mysqli_query($con,$query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if($rows==1){
$_SESSION['admin_username'] = $admin_username;
header("Location: adminindex.php");
}else{
echo "<div class='form'><h3>Username/password is incorrect.</h3><br/>Click here to <a href='loginadmin.php'>Login</a></div>";
}
}else{
?>
<div class="form">
<h3>Admin Log In</h3>
<form action="" method="post" name="login">
<input type="text" name="admin_username" placeholder="User Name" required />
<input type="password" name="admin_password" placeholder="Password" required />
<input name="submit" type="submit" value="Login" />
</form>
<a href="index.php">Back to main page</a>
</div>
<?php } ?>
Registrationadmin.php代码:
<?php
require('db.php');
if (isset($_REQUEST['admin_username'])){
$admin_username = stripslashes($_REQUEST['admin_username']); // removes backslashes
$admin_username = mysqli_real_escape_string($con,$admin_username); //escapes special characters in a string
$admin_email = stripslashes($_REQUEST['admin_email']);
$admin_email = mysqli_real_escape_string($con,$admin_email);
$admin_password = stripslashes($_REQUEST['admin_password']);
$admin_password = mysqli_real_escape_string($con,$admin_password);
$query = "INSERT into `admin` (admin_username, admin_email, admin_password) VALUES ('$admin_username', '$admin_email','".md5($admin_password)."')";
$result = mysqli_query($con,$query);
if($result){
echo "<div class='form'><h3>You are registered successfully.</h3><br/>Click here to <a href='loginindex.php'>Login</a></div>";
}
}else{
?>
<div class="form">
<h2>REGISTER AS ADMIN </h2>
<form name="registration" action="" method="post">
<input type="text" name="admin_username" placeholder="Username" required />
<input type="email" name="admin_email" placeholder="Email" required />
<input type="password" name="admin_password" placeholder="Password" required />
<input type="submit" name="submit" value="Register" />
</form>
</div>
<?php } ?>
答案 0 :(得分:0)
检查您的插入查询(我将其分为两行以提高可读性):
$query = "INSERT into `admin` (admin_username, admin_email, admin_password)
VALUES ('$admin_username', '$admin_email','".md5($admin_password)."')";
您仅输入字符串$admin_username和$admin_email,而不是使用变量中存储的值 $admin_username和$admin_email。
您必须以与密码相同的方式进行修复:
$query = "INSERT into `admin` (admin_username, admin_email, admin_password)
VALUES ('".$admin_username."', '".$admin_email."','".md5($admin_password)."')";