Question

这是我的学校作业，无论验证码输入是真还是假，它始终返回true，并将用户引导到首页。我不知道我做错了什么部分导致了这个错误

<?php
session_start();
include 'koneksi.php';
$username = $_POST['username'];
$pass= $_POST['pass'];
$captcha = $_POST['nilaicaptcha'];
$result = mysqli_query($koneksi,"select username,password from acc where username='$username' and password='$pass'");
    if(isset($_POST['sigin'])){
        if (!isset($username) or !isset($pass)){
        echo "Username or Password is invalid";
        }
        else if (mysqli_num_rows($result)>0 and $captcha==$_SESSION['captcha']){
            $_SESSION['login_user'] = $username;
            header("location:home.php");
        }
        else {
            echo "Salah";
            echo "Username or Password is invalid";
        }
        exit;
    }
    else if(isset($_POST['register'])){
            header("location:register.php");
    }
?>

我已经检查了变量是否正确，没有类型错误或错误传递的变量。我认为这与$captcha==$_SESSION['captcha']部分有关，但是我不确定为什么这是错误的，因为对我来说似乎不错，而也许不是这样

Answer 1

感谢帮助人员，我发现问题出在操作员身上。应该是else if (mysqli_num_rows($result)>0 and $_SESSION['Captcha']===$captcha)

Answer 2

验证码验证始终返回true

if(strcasecmp($_SESSION['captcha'], $_POST['captcha']) == 0)

link

验证码验证始终返回true

2 个答案: