我是php的新手。
我正在为用户进行登录,然后我想在他/她登录到我的数据库表中的每一行时比较此人的用户名和密码。
对于这种情况,假设user=michael,pssword=1234
我得到了这个:
$username= "michael";
$password= "1234";
include("includes/connect.php");
$mobile_user = "select * from mobileuser" ;
$query = mysqli_query ($conn, $mobile_user);
while($results = mysqli_fetch_array ($query)){
$user_name = $results['mobile_user_name'];
$pass = $results['mobile_user_pass'];
}
但是,这只与数据库表中的最后一行数据相比较。
例如,如果username=michael n password=1234位于我的数据库表的最后一行,则登录成功,如果不位于最后一行则登录失败。
有人能帮忙吗?
您应该将代码修改为:
$username= "michael";
$password= "1234";
include("includes/connect.php");
$mobile_user = "SELECT * FROM mobileuser WHERE mobile_user_name='$username' AND mobile_user_pass='$password' LIMIT 0,1";
$query = mysqli_query ($conn, $mobile_user);
$result = mysqli_fetch_array ($query);
$user_name = $result['mobile_user_name'];
$pass = $result['mobile_user_pass'];
这应该很有魅力。然而,更好的版本是:
$username= "michael";
$password= "1234";
include("includes/connect.php");
$mobile_user = "SELECT count(*) as count FROM mobileuser WHERE mobile_user_name='$username' AND mobile_user_pass='$password'";
$query = mysqli_query ($conn, $mobile_user);
$result = mysqli_fetch_array ($query);
if($result['count'] > 0){
echo "Match Found.";
}
如果您想检查用户的凭据是否有效,您应该计算它们匹配的行数;如果小于1,则提供的凭据无效。SQL查询:
SELECT COUNT(*) AS number, mobile_user_name, mobile_user_pass FROM mobileuser WHERE mobile_user_name = 'someusername' AND mobile_user_pass = 'somepass'
请注意,您应该防止代码被SQL注入,并且您可能希望将散列密码存储在数据库中,以避免将其存储在明文中。
试试看:
require_once ('con.php');
$q = "SELECT `password` FROM `tbl_where_user_is` WHERE `tbl_row_username` = '$username'";
$r = mysqli_query($db_connnect, $q);
$row = mysqli_fetch_array($r);
$r = mysqli_query ($db_connnect, $q);
if(mysqli_num_rows($r)==1)
{
echo $username;
}else{
echo "user not found";
}