php使用mysql数据库检查和验证表单输入[重复]

Question

基本上我有这个要求输入电子邮件和密码的表单。

我想要做的是比较并检查输入是否与我的表/数据库中的数据匹配。

这是我的registration.php（表格）

<form action="Authentication.php" method="post">

    <b>Returning Intern Login</b><br/><br/>
    Enter your e-mail address: <input type="text" name="email" /><br/><br/>
    Enter your password: <input type="password" name="pw2"/><br/><i>(Passwords are case-sensitive and must be 6 characters long)</i><br/><br/>

    <input type="reset" value="Reset Login Form" />
    <input type="submit" name="submit2" value="Log In" /><hr/><br/>

</form>

这是Authentication.php

session_start();

$link = mysqli_connect('localhost','root','');
$database = mysqli_select_db($link,'internship');

$user = $_POST['email'];
$pass = $_POST['pw2'];


// User is logging in
if (isset($_POST["submit2"]))
{
    if (empty ($user)) //if username field is empty echo below statement
    {
        echo "<font color='red'>***You must enter your unique username (email).***</font><br/><br/>";

    }
    if (empty ($pass)) //if password field is empty echo below statement
    {
        echo "<font color='red'>***You must enter your unique password.***</font><br/><br/>";
    }

}
else
{   

    $query = "SELECT * FROM Interns WHERE email = '". mysqli_real_escape_string($link,$user) ."' AND password = '". mysqli_real_escape_string($link,$pass) ."'" ;
    $result = mysqli_query($link,$query);
    if (mysqli_num_rows($result) == 1) 
    {
        echo "pass"; //Pass, do something
    } 
    else 
    {
        echo "fail"; //Fail
    }

}

session_write_close();

它适用于空输入。

但是当我从数据库/表中提供完全相同的电子邮件和密码时，

它显示白色的空白页..

Answer 1

您需要在 if 语句中编写整个代码，以确保填写该字段，如下所示：

 if (isset($_POST["submit2"]))
 {
    if (empty ($user)) //if username field is empty echo below statement
     {
       /* Code */

     }
     if (empty ($pass)) //if password field is empty echo below statement
     {
       /* Code */
     }

     $query = "SELECT * FROM Interns WHERE email = '". mysqli_real_escape_string($link,$user) ."' AND password = '". mysqli_real_escape_string($link,$pass) ."'" ;
     $result = mysqli_query($link,$query);
     if (mysqli_num_rows($result) == 1) 
      {
        echo "pass"; //Pass, do something
      } 
       else 
      {
        echo "fail"; //Fail
      }

 }
 else
 {
     echo "Empty input submit2"; // empty $_POST["submit2"]
 }

希望这会有所帮助。

Answer 2

Mysqli 接受 4 个参数 hostname,username,password, 和 dbname：

<?php
    session_start();

    $link = mysqli_connect('localhost','root','','internship');





    // User is logging in
    if (isset($_POST["submit2"]))
    {
    $user = $_POST['email'];
    $pass = $_POST['pw2'];
        if (empty($user)) //if username field is empty echo below statement
        {
            echo "<font color='red'>***You must enter your unique username (email).***</font><br/><br/>";

        }
        else if (empty ($pass)) //if password field is empty echo below statement
        {
            echo "<font color='red'>***You must enter your unique password.***</font><br/><br/>";
        }   
    else
    {   
   $query = "SELECT * FROM Interns WHERE email = '". $user ."' AND password = '".$pass."'" ;
        $result = mysqli_query($link,$query);
        if (mysqli_num_rows($result) == 1) 
        {
            echo "pass"; //Pass, do something
        } 
        else 
        {
            echo "fail"; //Fail
        }

    }

    session_write_close();
    ?>