0

我开发了一个用于登录的登录表单,但是当我尝试登录时它无法通过。下面是我使用的部分代码。当我 echo 时,该部分$num = mysql_num_rows()返回零$num。为什么会这样?看来我的INSERT查询没有返回结果。请帮忙。

if ($warning==''){  
        $query="SELECT first_name FROM tblusers WHERE (email='$username') AND (password='".md5($_POST['password'])."')";
        $result=@mysql_query($query);
        $num = mysql_num_rows($result);
        @mysql_close();
        echo $num."perfecto".$result;           
        if($num==1)
        {
            $u=new User($username);
            include ('includes/highlight.inc.php');
            //insert user into session
            if ($username=='admin'){
                $_SESSION['user']=$username;
                $p=new Page('Log In'.$username);
                $p->setHeading('Welcome '.$u->getFirstName());
                $p->setContent($cont."<br/><br/><br/> Use the administrator's panel on the right to do the administration work of the 
                                website. To block and unblock users you use the <font color=red><b>View Auctions</b></font> link, and 
                                that is when you can block the user after assessing their record.");
                $p->printIt();
            } else {
            $_SESSION['user']=$username;
            $p=new Page('Log In'.$username);
            $p->setHeading('Welcome '.$u->getFirstName());
            $p->setContent($cont."<br/><br/><br/>".$text);
            $p->printIt(); }

        }
4

2 回答 2

0

更改您的查询字符串,如下所示:

$password = md5($_POST['password']);
$query = "SELECT first_name FROM tblusers WHERE email='".$username."' AND password = '".$password."'";

希望这可以帮助你。

于 2013-10-16T04:31:26.863 回答
0

将您的查询字符串更改为:

$query="SELECT first_name FROM tblusers WHERE email='".$username."' AND password='".md5($_POST['password'])."'";

并检查查询字符串echo $query以确保它是正确的

于 2013-10-16T04:18:30.283 回答