我在登錄系統中遇到錯誤。我知道它有缺陷,僅用於學習目的。 所以問題是,即使我輸入正確的登錄信息,代碼只是到最後一行並拋出最後的else語句。任何想法爲什麼這樣做?PHP系統登錄錯誤
<?php
session_start();
if (isset($_POST['submit'])) {
include 'dbc.php';
$login = mysqli_real_escape_string($conn, $_POST['login']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//error handler
//check if inputs are empty
if (empty($login) || empty($pwd)){
header("Location: login.php?login=empty");
exit();
} else {
$sql = "SELECT * FROM user WHERE name='$login'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck < 1) {
header("Location: login.php?login=error1");
exit();
} else {
if ($row = mysqli_fetch_assoc($result)) {
//dehashing
$hashedPwdCheck = password_verify($pwd, $row['pwd']);
if ($hashedPwdCheck == false) {
header("Location: login.php?login=error2");
exit();
} elseif ($hashedPwdCheck == true) {
//Log in user
$_SESSION['s_id'] = $row['name'];
header("Location: index.php?login=success");
exit();
}
}
}
}
} else {
header("Location: login.php?login=error3");
exit();
}
顯示您我們你'form' – hungrykoala
你不該」用這個密碼'mysqli_real_escape_string()'你應該使用準備好的語句 –
你能告訴我們你的表單代碼嗎?您可能缺少提交按鈕 – Sehdev