0

我正在尝试制作一个简单的 PHP MySQL 登录页面。我一直在阅读代码,看不出我做错了什么。我正在使用我刚刚在数据库中查看的电子邮件和密码进行测试,因此我知道它存在。当我在上一个表单上单击提交时,它只是将我重定向回同一页面并且没有登录(我知道这是因为我的标题在 $_SESSION 变量起作用时会发生变化;我知道这是因为我的注册页面有效但是不是您注册后的登录信息)。还要注意,在注册时,他们会输入他们的名字和姓氏,这就是我将其包含在 session_start 的 $_SESSION 变量中的原因。这是代码(首先是表单,然后是 checklogin.php 页面):

<!--THIS IS THE FORM FROM THE PAGE SIGN_IN.PHP-->
<form method="post" target="checklogin.php">
   <label for="email">EMAIL/USERNAME:</label>
   <input type="text" name="email" id="email">
   <label for="password">PASSWORD:</label>
   <input type="password" name="password" id="password">
   <br />
   <input type="submit" value="Let's Play!">
</form>

这是表单发布到的 checklogin.php 脚本:

<?php
$mysqli = mysqli_connect("mysql_name","login_id","password", "db_name");
if (!$mysqli)
  {
  die('Could not connect: ' . mysqli_error($mysqli));
  }

// username and password sent from form
//NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!
$email=$mysqli->real_escape_string($_POST['email']);
$password=$mysqli->real_escape_string($_POST['password']);

$sql="SELECT * FROM tbl_name WHERE email='$email' and password='$password'";
$result = $mysqli->query($sql);

if(is_object($result) && $result->num_rows == 1){
  // Register variables and redirect to file "profile.php"
  session_start();
  $_SESSION['firstname']=$_POST['firstname'];
  $_SESSION['lastname']=$_POST['lastname'];
  $_SESSION['email']=$_POST['email'];
  $_SESSION['password']=$_POST['password'];
  redirect('profile.php');
} else {
  echo "Wrong Username or Password";
}

?>

我也用 header('location:profile.php') 试过这个,但结果相同。

4

2 回答 2

4 
<form method="post" action="checklogin.php">

action属性用于指定将发布表单的 URL。而该target属性用于指定应加载 URL 的位置。

如果action缺少该属性,则默认为当前 URL,这就是您在提交表单时导航到同一页面的原因。

于 2012-10-30T04:03:05.477 回答
2 
Change Your Form As:

    <form method="post" action="checklogin.php">
       <label for="email">EMAIL/USERNAME:</label>
       <input type="text" name="email" id="email">
       <label for="password">PASSWORD:</label>
       <input type="password" name="password" id="password">
       <br />
       <input type="submit" value="Let's Play!">
    </form>

 Checklogin.php as

    <?php
    $mysqli = mysqli_connect("mysql_name","login_id","password", "db_name");
    if (!$mysqli)
      {
      die('Could not connect: ' . mysqli_error($mysqli));
      }

    // username and password sent from form
    //NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!
    $email=$mysqli->real_escape_string($_POST['email']);
    $password=$mysqli->real_escape_string($_POST['password']);

    $sql="SELECT * FROM tbl_name WHERE email='$email' and password='$password'";
    $result = $mysqli->query($sql);

    if(is_object($result) && $result->num_rows == 1){
      // Register variables and redirect to file "profile.php"
      session_start();
      $_SESSION['firstname']=$_POST['firstname'];
      $_SESSION['lastname']=$_POST['lastname'];
      $_SESSION['email']=$_POST['email'];
      $_SESSION['password']=$_POST['password'];
      //redirect('profile.php');
      header('location:profile.php');

} else {
  echo "Wrong Username or Password";
}

?>
于 2012-10-30T04:14:45.290 回答