-2
我一直在爲我的網站編寫登錄頁面,但即使我已經在鏈接的MySQL數據庫的表格中創建了一個測試用戶,該代碼仍會返回'用戶未找到'。 請幫忙!
P.S.在此版本的代碼中,我用佔位符替換了主機名,數據庫,數據庫用戶和數據庫密碼。PHP - 編程登錄頁面時出現問題
<?php
if (isset($_POST['submit'])){
if(empty($_POST['username'])){
echo "Username is required<br/>";}
if(empty($_POST['password'])){
echo "Password is required<br/>";};
$user = $_POST['user'];
$password = $_POST["password"];
$accounts = mysql_connect("hostname", "database user", "database password")
or die (mysql_error());
mysql_select_db("database", $accounts);
$field = "username";
$password = md5(md5("98g£h14cGsd".$password."98ghsdht614cGsd"));
$result = mysql_query("SELECT * FROM Users WHERE $field = $user LIMIT 1");
if ($result){
$count=mysqli_num_rows($result);
}
if ($count==1){
$row = mysql_fetch_array($query);
$dbid = $row['id'];
$dbuser = $row['username'];
$dbpass = $row['password'];
$dbactive = $row['emailactivated'];
if ($password == $dbpass) {
if ($dbactive == '1'){
//set session info
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
echo "You have been logged in as <b> $dbuser </b>. <a href ='./member.php'> Click here </a> to go to member page";
}
else
echo "You must activate your account before logging in. $form";
}
else
echo "You did not enter the correct password. $form";
}
else
echo "The username you entered was not found. $form";
mysql_close();
}
?>
首先,'mysql_'功能已被棄用。你需要切換到'mysqli_'。其次,你有大量的[SQL注入漏洞](http://www.bobby-tables.com/)。第三,你有沒有拋棄你的實際SQL,並返回結果? – Machavity 2014-10-12 14:04:32
在你的代碼中聲明你所有的變量,看看他們都說了些什麼。更可能的情況是,您輸入的用戶名與數據庫中的用戶名不符 - 您的var排列有些問題,或者使用了'md5()'。 Probs你檢查一個散列傳遞對非散列,反之亦然。其他說明:md5不安全,你應該看看從表單腳本中分離出你的數據庫內容,等等。 – James 2014-10-12 14:33:36