0

嗨,我是 php 和 mysql 的新手,我正在使用一个网站,我正在阅读一些关于如何创建登录页面的教程,当我尝试创建自己的登录页面时,似乎它在脚本中停止并且没有继续登录成功后的下一页

这是代码

master1.php
<form action="loginscript.php" method="post" name="loginform">
<table class="logintable">
<!-- username-->
<tr>
<td class="tdalignright"><strong>
Username:</strong>
</td>
<td>
<input type="text" name="uname" id="uname"/>
</td>
</tr>
<!-- password -->
<tr>
<td class="tdalignright"><strong>
Password:</strong>
</td>
<td>
<input type="password" name="pword" id="pword"/>
</td>
</tr>
<!-- login button -->
<tr>
<td>
</td>
<td class="tdalignright">
<input type="submit" name="Submit" value="Login" />
</td>
</tr>

</table> 
</form>

这是登录脚本

loginscript.php
<?php

$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="seelsdb"; // Database name 
$tbl_name="tblteacher"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$uname=$_POST['uname']; 
$pword=$_POST['pword']; 
// To protect MySQL injection (more detail about MySQL injection)
$uname = stripslashes($uname);
$pword = stripslashes($pword);
$uname = mysql_real_escape_string($uname);
$pword = mysql_real_escape_string($pword);
$sql="SELECT * FROM $tbl_name WHERE teacherEmail='$uname' and teacherPass='$pword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("uname");
session_register("pword"); 
header("location:schedule.php");
}
else {
echo "Wrong Username or Password";
}

?>

这是成功登录后的下一页

schedule.php

<?php
session_start();
if(!session_is_registered(uname)){
header("location:master1.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
LOGIN SUCCESSFUL
</body>
</html>

我似乎无法追踪错误,希望你们能帮助...谢谢

4

2 回答 2

0

您的登录脚本应该是: 

$host="localhost"; // Host name 
$username="root"; // Mysql username 
$password=""; // Mysql password 
$db_name="seelsdb"; // Database name 
$tbl_name="tblteacher"; // Table name 

// Connect to server and select databse.
mysql_connect($host, $username, $password) or die("cannot connect"); 
mysql_select_db($db_name)or die("cannot select DB");

// username and password sent from form 
$uname=$_POST['uname']; 
$pword=$_POST['pword']; 
// To protect MySQL injection (more detail about MySQL injection)
$uname = stripslashes($uname);
$pword = stripslashes($pword);
$uname = mysql_real_escape_string($uname);
$pword = mysql_real_escape_string($pword);
$sql="SELECT * FROM $tbl_name WHERE teacherEmail='".$uname."' and teacherPass='".$pword."'";
$result=mysql_query($sql);
if(!$result)
{
 echo 'Mysql did not respond to query'.mysql_error();
}
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("uname");
session_register("pword"); 
header("location:schedule.php");
}
else {
echo "Wrong Username or Password";
}

?>

但是,我强烈建议您选择MySQLi而不是 mysql_* 函数。如果您觉得舒服,也请参阅PDO

于 2012-08-25T05:59:52.687 回答
0

我已经解决了...我只是用 $_SESSION($uname)=$uname 和 $_SESSION($pword)=$pword 替换了 session_register("uname") 和 session_register("pword")

于 2012-08-25T13:30:40.300 回答