我使用PHP和HTML进行用户登录,它运行良好,当有空字段或输入错误密码时,它会向我发送错误消息,但当我想重新引导到文件时,如果"用户名"answers"密码"被正确允许,它会失败。有什么想法吗?
我的PHP:
<?php
session_start();
?>
<?php require_once("../includes/connection.php"); ?>
<?php include("../includes/header.php"); ?>
<?php
if(isset($_SESSION["session_username"])){
// echo "Session is set"; // for testing purposes
header("Location:intropage.php");
}
if(isset($_POST["login"])){
if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$query =mysql_query("SELECT * FROM admin_list WHERE username='".$username."' AND password='".$password."'");
$numrows=mysql_num_rows($query);
if($numrows!=0)
{
while($row=mysql_fetch_assoc($query))
{
$dbusername=$row['username'];
$dbpassword=$row['password'];
}
if($username == $dbusername && $password == $dbpassword)
{
$_SESSION['session_username']=$username;
/* Redirect browser */
header("Location:intropage.php");
}
} else {
$message = "Nombre de usuario ó contraseña invalida!";
}
} else {
$message = "Todos los campos son requeridos!";
}
}
?>
HTML
<div class="container mlogin">
<div id="login">
<h1>Logueo</h1>
<form name="loginform" id="loginform" action="" method="POST">
<p>
<label for="user_login">Nombre De Usuario<br />
<input type="text" name="username" id="username" class="input" value="" size="20" /></label>
</p>
<p>
<label for="user_pass">Contraseña<br />
<input type="password" name="password" id="password" class="input" value="" size="20" /></label>
</p>
<p class="submit">
<input type="submit" name="login" class="button" value="Entrar" />
</p>
<p class="regtext">No estas registrado? <a href="register.php" >Registrate Aquí</a>!</p>
</form>
</div>
</div>
PHP空字段错误消息
<?php if (!empty($message)) {echo "<p class='"error'">" . "MESSAGE: ". $message . "</p>";} ?>
我认为可能是字符串文字问题导致mysql查询失败。
尝试更改:
$query =mysql_query("SELECT * FROM admin_list WHERE username='".$username."' AND password='".$password."'");
相反:
$query =mysql_query("SELECT * FROM admin_list WHERE username='$username' AND password='$password'");