我试图制作一个简单的登录页面,但它说。
Parse error: syntax error, unexpected '$dbpassword' (T_VARIABLE) in /home/speedmin/public_html/login.php on line 19
这是我的 php 脚本代码:
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if($username&&$password){
$connect = mysql_connect("localhost","root","code") or die("Kunne ikke finde databasen");
mysql_select_db("dbname") or die("Kunne ikke finde databasen");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_fields($query);
if($numrows){
while($row = mysql_fetch_assoc($query)){
$dbusername = $row['username']
$dbpassword = $row['password']
}
if($username==$dbusername&&md5($password)==$dbpassword){
echo"You are logged in";
$_SESSION['username'] = $username;
}
else {
echo"Din kode er forkert";
}
}
else{
die("Der er ingen bruger der hedder det");}
}
else{
die("Skriv venligst din bruger & kode");
}
?>
希望你能帮忙,这可能是一个愚蠢的问题,但我对php不太好。
我看不出这条线有什么问题,所以:(
找到了解决方案。:D
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if($username&&$password){
$connect = mysql_connect("localhost","root","password") or die("Kunne ikke finde databasen");
mysql_select_db("db") or die("Kunne ikke finde databasen");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_fields($query);
if($numrows){
while($row = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if($username==$dbusername&&$password==$dbpassword){
echo"Du logget ind";
@$_SESSION['username'] = $username;
}
else {
echo"Din kode er forkert";
}
}
else{
die("Der er ingen bruger der hedder det");}
}
else{
die("Skriv venligst din bruger & kode");
}
?>
因为你忘记了;.它应该是:
while($row = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
但我也建议您使用 mysqli_* 而不是已弃用的 mysql_* API。
也不要让用户知道他们输入的用户名是否正确。所以我为你的情况做了一个更短的条件。
<?php
session_start();
/* ESTABLISH CONNECTION TO YOUR DATABASE */
$con = new mysqli("localhost", "root", "code", "dbname");
/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
printf("Connect failed: %s'n", mysqli_connect_error());
exit();
}
if(isset($_POST["username"], $_POST["password"])){ /* IF BOTH ARE SET */
$password = md5($_POST["password"]); /* HASH THE SUBMITTED PASSWORD */
$stmt = $con->prepare("SELECT username, password FROM users WHERE username = ? AND password = ?"); /* PREPARE YOUR QUERY */
$stmt->bind_param("ss", $_POST["username"], $password); /* ? WILL BE REPLACED WITH THESE TWO VARIABLES RESPECTIVELY; s STANDS FOR STRING TYPE */
$stmt->execute(); /* EXECUTE YOUR QUERY */
$stmt->store_result(); /* STORE THE RESULTS */
$numrows = $stmt->num_rows; /* GET THE NUMBER OF RETURNED ROWS */
$stmt->bind_result($dbusername, $dbpassword); /* BIND THE RESULT TO THESE TWO VARIABLES ACCORDINGLY */
$stmt->fetch(); /* FETCH RESULTS */
$stmt->close(); /* CLOSE PREPARED STATEMENT */
if($numrows > 0){ /* IF FOUND MATCH */
echo "You are logged in";
$_SESSION['username'] = $dbusername;
}
else {
echo"Din kode er forkert";
}
}
else {
die("Skriv venligst din bruger & kode");
}
?>
password_hash是一种更安全的加密密码方式,而不是md5() .如果你有时间,也看看它。
if($numrows){
while($row = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if($username==$dbusername&&md5($password)==$dbpassword){
echo"You are logged in";
$_SESSION['username'] = $username;
}
else {
echo"Din kode er forkert";
}
}
失踪;
if(isset($userName( & isset($password(({ 其余代码在这里。应该工作。你为什么要循环往复?只需使用 if 语句即可。 if($username == $row['userName'] & & md5($password( == $row['password'](
试试这段代码..我正在使用这种方式登录.php
if(isset($_POST['sbtLogin'](({
extract($_POST);
$email = isset($email) ? $email : '';
$password = isset($password) ? md5($password) : '';
$remember = isset($remember) ? $remember : 'n';
if($email != '' && $password != '')
{
$selUser = mysql_query('SELECT id,firstName FROM tbl_users WHERE email = "'.$email.'" AND password="'.$password.'" LIMIT 1');
if(mysql_num_rows($selUser)>0){
$fetchUsr = mysql_fetch_assoc($selUser);
$_SESSION['sessUserId'] = $fetchUsr['id'];
$_SESSION['sessUserName'] = $fetchUsr['firstName'];
echo 'Successfully loggedin';
}
else{
$msg = 'Invalid Username or password';
}
}
else{
echo 'Fill all values properly';
}
}