有人能把我推向正确的方向,告诉我这段代码出了什么问题吗。我没有收到任何错误,但它也没有将我登录。这个想法是在sql数据库中有一个名为memb的行,并检查状态是1还是0。如果是1,它会把你带到安全页面,如果是0,它会给你订阅页面
<?php
require_once('config.php');
if(isset($_POST['Login']) && isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent
$uname = $sql-> real_escape_string($_POST['uname']);
$pass1 = $sql-> real_escape_string($_POST['pass1']);
if ( !empty($uname) && !empty($pass1)) {
// Check if you input are not empty
$query= mysqli_query($sql,"SELECT * FROM login WHERE uname='".$uname."' AND pass='".$pass1."' && memb='?'");
if(!$query){ die(mysqli_error($sql)); }
$checkuser= mysqli_num_rows($query);
if($checkuser != 1) {
$error = "Username doesn't exist in our database!";
}
// Change $login with $query
while ($row = mysqli_fetch_array($query)) {
$checkpass= $row['pass'];
while ($row = mysqli_fetch_array($query)) {
$checkmemb= $row['memb'];
// here i changed $pass1 to $checkpass
if ($pass1 == $checkpass && $memb == 0){
setcookie("user", $uname, time()+7200);
$_SESSION['user'] = $uname;
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + (60 * 60 * 60);
header("Location: pay.php");
exit();
} elseif($pass1 == $checkpass && $memb == 1) {
setcookie("user", $uname, time()+7200);
$_SESSION['user'] = $uname;
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + (60 * 60 * 60);
header("Location: main.html");
exit();
}
}
}
}
}
尝试更改此项:
if(isset($_POST['Login']) && isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent
至:
if(isset($_POST['uname']) && isset($_POST['pass1'])) {
// Here check if all input are sent
没有测试,这只是一个快速的猜测。但它似乎什么都没做,因为您的输入检查失败了。