【发布时间】:2014-10-20 12:12:15
【问题描述】:
我创建了一个登录表单,但无法正常工作。
我的选择语句是正确的(适用于数据库)并且来自 $query 的回显解决了以下问题(例如)
SELECT * FROM users WHERE email = 'test@test.com' AND password = password
但是在它下面的 if 语句中总是处理'下面的代码
else
{
echo "Your login is invalid";
echo $_POST['username'];
}
完整代码如下
<?php
require_once __DIR__ . ('/../config/init.php');
?>
<!DOCTYPE html>
<html>
<head>
<?php
include INCLUDES . 'head_tags.php';
?>
</head>
<body>
<div class='container'>
<?php
include INCLUDES . 'header.php';
include INCLUDES . 'nav.php';
?>
<div class='two-thirds column'>
<h2>Login</h2>
<form action='#' method='post'>
<div>
<label for="username">Username (E-email address):</label>
<input type='text' id="username" name='username' placeholder='Username' autocomplete='on' required>
<label for="password">Password:</label>
<input type='password' id='password' name='password' placeholder='Password' autocomplete='on' required>
</div>
<div>
<?php
if($_POST){
$connection = mysql_connect($db['hostname'], $db['username'], $db['password']) or die(mysql_error());
mysql_select_db($db['database'], $connection) or die(mysql_error());
/*Echo's to check correct data is being used
echo $_POST['username'];
echo $_POST['password'];*/
$email = mysql_real_escape_string($_POST['username']);
$query = "SELECT * FROM users WHERE email = '$email' AND password = ".$_POST['password']."";
echo $query;
$result = mysql_query($query) or die('Query failed: ' . mysql_error() . "<br />\n$query");
if (mysql_num_rows($result) > 0) {
echo "You have successfully logged on";
}
else
{
echo "Your login is invalid";
echo $_POST['username'];
}
}
?>
</div>
<input type='submit' value='submit'>
</form>
</div>
</div>
<?php
include INCLUDES . 'footer.php';
?>
谢谢
【问题讨论】:
-
使用
mysqli_*或PDO代替mysql_*。
标签: php mysql forms if-statement login