【发布时间】:2015-02-02 23:41:50
【问题描述】:
由于某种原因,当我在表单中输入现有的用户名和密码时,输出总是“用户不存在”,我该如何更改它,以便在用户存在时将用户带到 Welcome.php 页面如果用户不存在,则“用户不存在”。数据库称为 TEST,表称为 USERS。
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$user = $conn->real_escape_string($_POST['username']);
$pass = $conn->real_escape_string($_POST['password']);
$query = "SELECT `username` AND `password` FROM `users` WHERE `username` = '$user' AND `password` = '$pass'";
$result = $conn->query($query);
if($result->num_rows < 0) {
header('Location:welcome.php');
die();
}
else $message = 'User does not exist';
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test</title>
</head>
<body>
<form method="post" action="testing.php" enctype="multipart/form-data">
<?php if(isset($message)) : ?>
<div class="error"><?php echo $message; ?></div>
<?php endif; ?>
Username: <input type="text" value="" name="username" /><br /><br />
Password: <input type="text" value="" name="password" /><br /><br />
<input type="submit" name="submit" value="Log In"/><br /><br />
<a href="register.php">Register</a>
</form>
</body>
</html>
【问题讨论】:
-
请查看用于存储的散列密码。查看 PHP5.5+ 中包含的
password_hash函数。 -
我帮助你创建了这个表单,似乎我在这里犯了错误 if($result->num_rows 肯定需要更改为 if($result->num_rows > 0) {