我正在为一家公司创建一个内部网,我已经完成了登录/处理页面,但它不能正常工作。我试过无数次修复它,让它工作,但我仍然不断只是得到一个空白页,当我运行它。我想知道如果它是调用重定向通过头部在结束…有人能告诉我我做错了什么吗?
这是我更新的代码:
<?php
session_start();
include_once "databaseconnect.php";
// username and password sent from form
$myusername=$_POST['user'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysqli_real_escape_string($myusername);
$mypassword = mysqli_real_escape_string($mypassword);
$result= mysqli_query($connect,"SELECT * FROM access WHERE user='$myusername' AND password='$mypassword' ");
// Mysql_num_row is counting table row
$count= mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
$row = mysqli_fetch_row($result);
$_SESSION['username']=$row['user'];
$_SESSION['password']=$row['password'];
if($row['user']== $myusername)
{
header("location:dashboard.php");
}
else
{
echo "Error in Validating User";
}
}
?>
最后一个if()
并没有真正检查变量,而是一个名为"$myusername"
的字符串(去掉引号)
if($row['user'] == $myusername)
{
header("location:dashboard.php");
}
else
{
echo "error in validating user";
}