-1

我有以下代码 -

<?php
$con=mysqli_connect("localhost","root","","my_db");
// Check connection
if (mysqli_connect_errno())
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

mysql_select_db("my_db");
$myusername=mysql_real_escape_string($_POST['myusername']);
$mypassword=mysql_real_escape_string($_POST['mypassword']);

echo $myusername . " " . $mypassword; 

$sql="SELECT id FROM EMPLOYEE WHERE username='" . $myusername . "' and password='" . $mypassword . "'";

$result=mysqli_query($con, $sql);

// If result matched $myusername and $mypassword, table row must be 1 row

if (mysql_num_rows($result) > 0) {
  // Register $myusername, $mypassword and redirect to file "login_success.php"
  $_SESSION["username"] = $myusername;
  $_SESSION["password"] = $mypassword;
  header("location:login_success.php");
} else {
  echo "Wrong Username or Password";
}

mysqli_close($con);
?>

Employee 表包含 1 个 ADMIN PASS 作为 id 用户名和密码

如果我将其输入表单并点击提交,它会打开此代码,即 check_login.php 我已经回显了用户名和密码以检查其是否正确输入。它会在屏幕上显示 ADMIN PASS。所以用户名和密码输入正确,这是肯定的。

现在唯一的问题是在员工表中“检查用户名和密码”。它不起作用。

请帮忙。

4

1 回答 1

0

干得好:

    <?php
    $con=mysqli_connect("127.0.0.1", "root", "", "my_db");
    if (mysqli_connect_errno($con))
    {
        echo "MySql Error: " . mysqli_connect_error();
        }

    $query=mysqli_query($con,"SELECT * FROM employee WHERE username='$_POST[myusername]' && password='$_POST[mypassword]'");
    $count=mysqli_num_rows($query);
    $row=mysqli_fetch_array($query);

    if ($count==1)
    {
        session_start();
        $_SESSION['username'] = $_POST['myusername'];
        $_SESSION['password'] = $_POST['mypassword'];
        header("location: login_success.php");
        }
    else
    {
        echo "Invalid username or password";
        }   

    mysqli_close($con);
    ?>
于 2013-10-23T15:10:07.290 回答