0

当用户输入他们的详细信息时,他们单击登录但它不起作用,我与数据库的连接很好,它的这个文件不起作用,任何帮助将不胜感激,谢谢 

include '../connection.php'; //used to include connection file that is 1 level higher in the directory 

$username = $_REQUEST['username'];
$password = $_REQUEST['password'];

$fquery = 'SELECT Username FROM login LIMIT 0, 30 ';
$squery = 'SELECT Password FROM login LIMIT 0, 30 ';

$username_query = mysqli_query($dbc, $fquery);
$password_query = mysqli_query($dbc, $squery);

$username_row = mysqli_fetch_array($username_query);
$password_row = mysqli_fetch_array($password_query);

if($username == $username_row && $password == $password_row) {
    echo 'username and password correct';
}


?>
4

3 回答 3

2 
<?php

include '../connection.php'; //used to include connection file that is 1 level higher in the directory 

$username = $_REQUEST['username'];
$password = $_REQUEST['password'];

$query = 'SELECT Username FROM login WHERE Username = ? AND Password = ?';

/* set a default value to check against */
$valid_user = '';

/* use prepared statement */
$stmt = mysqli_stmt_init($dbc);
if (mysqli_stmt_prepare($stmt, $query)) {
    /* set question marks equal to values */
    mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
    mysqli_stmt_execute($stmt);

    /* get the valid username only if query is successful */
    mysqli_stmt_bind_result($stmt, $valid_user);
    mysqli_stmt_fetch($stmt);

    /* close the statment */
    mysqli_stmt_close($stmt);
}


/* check if default was overwritten */
if($valid_user != '') {
    echo 'username and password correct';
}
?>

试试这个,应该完成你想做的事情。

于 2012-11-06T21:06:41.927 回答
0 
     $username_query = mysqli_query($dbc, $fquery);
     $password_query = mysqli_query($dbc, $squery);       
     $username_row   = $username_query->fetch_array(MYSQLI_ASSOC);
     $password_row   = $password_query->fetch_array(MYSQLI_ASSOC);        

     if($username == $username_row['username'] && $password == $password_row['Password']) {
       echo 'username and password correct';
     }
于 2012-11-06T21:03:30.413 回答
0 
$username = mysqli_real_escape_string($dbc, $_REQUEST['username']);
$password = mysqli_real_escape_string($dbc, $_REQUEST['password']);
$query = "SELECT * FROM login WHERE Username = '$username' AND Password = '$password' LIMIT 1";

if(mysqli_num_rows($query) > 0)
    echo 'username and password correct';
于 2012-11-06T21:07:48.910 回答