目前正在做一个需要管理面板的网站,我有一个php问题,在正确插入用户名和密码的值时,它似乎没有得到行数。以下是php代码:
admin_login.php
<?php
session_start();
if (isset($_SESSION["manager"])) {
header("location:index.php");
exit();
}
?>
<?php
if (isset($_POST["username"]) && isset($_POST["password"])) {
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]);
// Connect to the MySQL database
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person
$existCount = mysql_num_rows($sql); // count the row nums
if ($existCount == 1) { // evaluate the count
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location: index.php");
exit();
} else {
echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
exit();
}
}
与sqldb的连接运行良好,我做了一个echo以确保它能正常运行
以下是index.php php代码:
<?php
session_start();
if (!isset($_SESSION["manager"])) {
header("location: admin_login.php");
exit();
}
?>
<?php
$managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]);
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount = mysql_num_rows($sql);
if(!$existCount == 0){
echo "Your login session data is not on record in the database.";
exit();
}
?>
我确实认为这是$existCount中的一个错误,它没有得到计数?
干杯
您的问题可能是最后的if语句。更改:
if(!$existCount == 0){
echo "Your login session data is not on record in the database.";
exit();
}
至:
if($existCount == 0){
echo "Your login session data is not on record in the database.";
exit();
}
请注意缺少!
,它以您不希望的方式否定表达式。
我相信您正在从developphp中获取代码。通过使用上面的代码,如果你的密码中有一些字符不是字母数字,可以让过滤器删除它们并取消与数据库的匹配,并将$existCount返回为零。