我得到了一个简单的登录脚本,它发布密码并检查与数据库的一致性
session_start();
include 'core/config.php';
include 'core/db.php';
$checkPWD = $DB_CON -> query('SELECT * FROM users');
$checkPWD->execute();
$pwd = $checkPWD->fetchAll();
if($_POST['password']) {
$md5pwd = md5($_POST['password']);
if($md5pwd == $pwd[2]) {
$_SESSION['login'] = 'true';
$_GET['page'] = 'dashboard';
} else {
$_GET['error'] = 'true';
}
}
此退出并将$_GET['error']设置为true。密码存储在数据库的md5中。
非常感谢
您应该在查询中执行此操作:
$md5pwd = md5($_POST['password']);
$checkPWD = $DB_CON->query("SELECT * FROM users WHERE password = '{$md5pwd}' LIMIT 1");
$pwd = $checkPWD->fetchAll();
if ($pwd) {
// Has find someone
} else {
// Hasn't find no one
}