你好,我已经制作了一个基本的php登录系统(不使用PDO),因为我还没有掌握基本的php。
我遇到的问题是,当我尝试登录到系统时,它只是将我重定向到php页面,什么也不做。
请温柔:S
这是我的密码。
<?php
if($logged_in == 1)
{
die('You are already logged in, '.$_SESSION['name'].'.');
}
//----------------------------------------------------------------
//Escape any Dangerous SQL Characters in the text
//----------------------------------------------------------------
function QuoteSmart($value, $handle)
{
if (get_magic_quotes_gpc())
{
$value = stripslashes($value);
}
if (!is_numeric($value))
{
$value = "'" . mysql_real_escape_string($value, $handle) . "'";
}
return $value;
}
if (isset($_POST['submit'])) //if the form has been submitted
{ // check they filled in what they were supposed to and authenticate */
if(!$_POST['txt_email'] | !$_POST['txt_password'])
{
die('You did not fill in a required field.');
}
// authenticate the username and passsword.
$email = $_POST['txt_email'];
$password = $_POST['txt_password'];
//------------------------------
//Connect to the database
//-----------------------------
$server = "zzz";
$schema = "Marwick";
$uid = "xxx";
$pwd = "yyy";
$password =$_POST["txt_password"];
$email =$_POST["txt_email"];
$db_connect = mysql_connect($server , $UserID , $PassWord);
$db_select = mysql_select_db($schema, $db_connect);
if ($db_select)
{
$email = QuoteSmart($email, $db_connect);
$password = QuoteSmart($password, $db_connect);
$SQL = "SELECT * FROM account WHERE email = $email AND password = $passwordword";
$Result = mysql_query($SQL);
$NumberRows = mysql_num_rows($Result);
//------------------------------------------------------------------------
// Check to see if the value of the $result variable is true
//-----------------------------------------------------------------------
if ($Result)
{
if ($NumberRows == 1)
{
$ErrorMessage = "Logged On";
header("Location: home.html"); //The page to go to
}
else
{
$ErrorMessage = "Not logged on";
header("Location: login.html"); //Try to login again
}
}
mysql_close($db_connect);
}
else
{
$ErrorMessage = "Error with the Form!";
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input name="btn_login" type="submit" class="btn_ragister" value="Submit"; onclick="" />
</form>
form id="form4" name="form4" method="post" action="">
<input name="btn_register" type="button" class="btn_ragister" value="Register"
onclick= "window.location ='../Pages/register.html' "/>
</form>
</div>
</body>
</html>
您的代码中充满了语法错误:
if(!$_POST['txt_email'] | !$_POST['txt_password'])
^---not a valid operator
和
$SQL = "SELECT * [..snip..] AND password = $passwordword";
^^^^^^^^^^^^^-undefined variable
简而言之,您需要学习基本的调试技术。
同样,mysql_*()函数也被弃用和废弃。不要学习如何使用它们,因为您刚开始使用PHP。学习mysqli(注意i)或PDO。