当我的用户在login.php上的表单中输入他们的电子邮件和密码时,表单操作使用以下代码来确保他们是有效用户,并且这两个字段都不是空白。我的问题是,即使使用有效的电子邮件和密码,用户也会被定向回login.php页面而不是logged_in.php页面,有人可以提出建议吗?
<?php
session_start();
include("connection.inc.php");
$connection = connect();
$txtEmail = $_POST['email'];
$txtPassword = $_POST['password'];
if ((empty($txtEmail)) || (empty($txtPassword)))
{
header("Location: login.php");
exit;
}
$sql = "SELECT * FROM subscriber WHERE email = '$txtEmail' AND password = '$txtPassword'";
$result = @mysql_query($sql) or die ("Unable to run query");
$count = mysql_num_rows($result);
if($count != 0)
{
$_SESSION['email'] = $txtEmail;
$_SESSION['attempt_info'] = "authenticated";
header("Location: logged_in.php");
}
?>
答案 0 :(得分:3)
您实际上是在最后login.php声明中重定向到if。如果SQL查询成功,我认为它应该重定向到logged_in.php。
答案 1 :(得分:1)
看起来$txtEmail是你的变量而email在sql数据库中是它的名字,所以看起来应该是这样的
$txtEmail = $_POST['txtEmail'];
$txtPassword = $_POST['txtPassword'];
这将允许将文本字段的内容传递给sql查询。
答案 2 :(得分:0)
if (empty($txtEmail) or empty($txtPassword))
{
// ...
}
if($count ==1) //something can go wrong set the 0 to 1
{
$_SESSION['email'] = $txtEmail;
$_SESSION['attempt_info'] = "authenticated";
header("Location: logged_in.php");
}