0 
<?php
include 'session.php';
?>

<html>
<head>
<link href="css/adminOpmaak.css" rel="stylesheet" type="text/css"/>
<?php
        mysql_connect("localhost", "admin", "") or die(mysql_error());
        mysql_select_db("test") or die(mysql_error());
?>

</head>

<body>
<div class = "header">

<a href="index.php"><img src="home-icon.png" width="25" height ="25"></a>

</div> <!--header-->

<div class = "menu">

</div> <!--menu-->

<div class ="content">
<form action="Login.php" method="POST">

<input type="text" align="center" name="Account"  value="<?php echo isset     ($_POST['Account'])?$_POST['Account']:"";?>"/> <br />
<input type="text" align="center" name="Password" value="<?php echo isset    ($_POST['Password'])?$_POST['Password']:"";?>" /><br />    
<input type="submit" name="Login" value="Login"/><br />
<?php 
if(isset ($_POST ['Login']))
{
    $querystring ="SELECT Account FROM Admins WHERE Account ='".$_POST['Account']."';";
    $result = mysql_query($querystring);

    mysql_query($querystring)or die (mysql_error());

    if (empty($_POST['Account']) || empty($_POST['Password'])) 
    {
        echo "niet alles is ingevoerd"; 

    }
    elseif (mysql_num_rows($result) == 1) 
    {
        $user = mysql_fetch_assoc($result); 
    } 
    else 
    {
        echo "dit account bestaat niet";
    }

    if(md5($_POST['Password']) != $user['Password'])
    {
        echo "wachtwoord is niet correct";?><br/> <?php
        echo "Het account is:".$user['Account'];?><br/> <?php
        echo "het wachtwoord is: ".$user['Password'];?><br/> <?php
        echo mysql_fetch_assoc($result);
    }
}   
?>  
</form>
</div>

</body>
</html>

这有点奇怪,因为他确实认出了 $user['Account']; 而且他不认识密码版本。

我的数据库具有正确的值。这是他的回声:

wachtwoord is niet correct
Het account is:Probeersel
het wachtwoord is:

所以我不知道他为什么能认出这个账户,但他不认得 wachtwoord。这是为什么?

4

1 回答 1

0

有几个问题。

首先,你的mysql语句是错误的。

改变这个:

$querystring ="SELECT Account FROM Admins WHERE Account ='".$_POST['Account']."';";

对此:

$querystring ="SELECT * FROM Admins WHERE Account ='" .$_POST['Account']. "'";

接下来,对于一个测试,回显您从 db 查询中获得的帐户名称和密码,这样您就可以确保您得到了您所期望的(可能字段名称的大小写错误或类似的东西)。

$user = mysql_fetch_assoc($result);
echo 'Got this username: ' .$user['Account']. '<br />';
echo 'Got this password: ' .$user['Password']. '<br />';

一旦您确信您获得了正确的数据,您就可以完成您的脚本。

这个:

if(md5($_POST['Password']) != $user['Password'])
{
    echo "wachtwoord is niet correct";?><br/> <?php
    echo "Het account is:".$user['Account'];?><br/> <?php
    echo "het wachtwoord is: ".$user['Password'];?><br/> <?php
    echo mysql_fetch_assoc($result);
}

可以重写为:

if(md5($_POST['Password']) != $user['Password'])
{
    echo "wachtwoord is niet correct<br />";
    echo "Het account is: " .$user['Account']. "<br />";
    echo "het wachtwoord is: " .$user['Password']. "<br />";
}
于 2013-08-23T15:12:25.300 回答