-1

我已经编写了登录代码,但我需要知道,作为成功消息,它会回显用户的名字。
名字存储在数据库中与电子邮件相同的条目中。
我需要制作一个数组,但我不知道如何。

if ($_POST['submit']) {
    if ($_POST['email']) {
        if ($_POST['password']) {

            $password = md5($_POST['password']);
            $email = $_POST['email'];
            $p = mysql_query("SELECT * FROM Users WHERE Email='$email' AND Password='$password'");

            if (mysql_fetch_array($p) != 0){

                echo "WHAT GOES HERE?";
                $registered = mysql_query("SELECT * FROM Users WHERE Email='$email'"); 
                setcookie("PeopleHubLogged", ".$email.");

            } else {
             echo "<font color='red'>Login Failed</font>"; 
            }
        } else { 
        echo "<font color='red'>You need to enter a password!</font>";
        }
    } else { 
    echo "<font color='red'>You need to enter a email!</font>"; 
    }
}
4

1 回答 1

0

不确定您的桌子是什么样子,但这是您要找的吗?

if ($_POST['submit']) {
    if ($_POST['email']) {
        if ($_POST['password']) {

            $password = md5($_POST['password']);
            $email = $_POST['email'];
            $p = mysql_query("SELECT * FROM Users WHERE Email='$email' AND Password='$password'");

            if (mysql_fetch_array($p) != 0){

                echo "WHAT GOES HERE?";
                $registered = mysql_query("SELECT * FROM Users WHERE Email='$email'"); 
                setcookie("PeopleHubLogged", ".$email.");

                $outArr = mysql_fetch_array($registered);
                echo "Hello " . $outArr["FirstName"];

            } else {
             echo "<font color='red'>Login Failed</font>"; 
            }
        } else { 
        echo "<font color='red'>You need to enter a password!</font>";
        }
    } else { 
    echo "<font color='red'>You need to enter a email!</font>"; 
    }
}

我强烈建议您重新构建它,消除嵌套,并使用不同的 SQL 驱动程序。(查找 PDO)。你的代码很危险。SQL注入可以很容易地应用于这段代码,所以我希望这永远不会面对互联网。如果您正确使用 PDO 驱动程序,它将使 SQL 注入几乎不可能 - 因此我强烈推荐它。

否则,我将如何编写您的代码:

if (!isset($_POST['submit'])) {
     echo "<font color='red'>You need to enter a email!</font>"; 
     return;
}
if (!isset($_POST['email'])) {
    echo "<font color='red'>You need to enter a password!</font>";
    return;
}
if (!isset($_POST['password'])) {
    echo "<font color='red'>Login Failed</font>"; 
    return;
}

$password = md5($_POST['password']);
$email = $_POST['email'];
$p = mysql_query("SELECT * FROM Users WHERE Email='$email' AND Password='$password'");

if (mysql_fetch_array($p) != 0){

    echo "WHAT GOES HERE?";
    $registered = mysql_query("SELECT * FROM Users WHERE Email='$email'"); 
    setcookie("PeopleHubLogged", ".$email.");

    $outArr = mysql_fetch_array($registered);
    echo "name: " . $outArr["FirstName"];
}
于 2013-10-09T19:41:32.247 回答