-1

好的,所以我是 pdo 的新手,并且制作了一个简单的登录系统,但是当用户将用户名或密码留空时无法弹出错误消息,但我没有运气,我通过研究和其他人的帮助得到了这么远的代码,但是我现在很难过。任何帮助都会非常棒,请记住我是新手。

PS我知道这不是一个安全的系统

这是代码

<?php
    session_start();
    //connection String
    $connection = new PDO("sqlsrv:server=server;Database=database", "username", "password"); 

    //Seelcting function
    $smt = $connection->prepare("select user_id, username from account where username = :username and password =:password");

    //setting values to textboxes
    $username = $_POST["txt_username"];
    $password = $_POST["txt_password"];

    //binding values
    $smt->bindParam(':username', $username);
    $smt->bindParam(':password', $password);

    //execution
    $smt->execute();

    //fetching data
    $row = $smt->fetch( PDO::FETCH_ASSOC ) ;  
    echo "$row[user_id]\n\n";
    echo "$row[username]\n\n";
    $_SESSION{"user_id"} = $row["user_id"];



if ($smt->recordCount() == 0){
  $_SESSION['errormsg'] = "login failed";
  header( "location: login.php");
} else{
  header("location: homepage.php");
}


if( isset( $_SESSION['errormsg'] ) ) {
  // do the output
  echo $_SESSION['errormsg'];
  // delete the message from the session, so that we show it only once
  unset( $_SESSION['errormsg'] );
}



?>
4

1 回答 1

0

好的,看起来您在设置错误后立即取消设置错误。更改顺序,以便检查是否设置了错误消息,然后重定向错误。

于 2013-05-30T16:46:45.700 回答