好,这是我的身份验证代码。现在,我有一个表和5个PHP工作脚本,除了这个。成功登录后,用户应该被重定向到他的主页,但问题是,无论登录细节如何,PHP都会返回"无法登录"错误消息。脚本如下:
session_start();
include_once'dbconnect.php';
if (isset($_SESSION['user']) != "") {
header ("Location: home.php");
}
if (isset($_POST['login'])) {
$email = mysql_real_escape_string($_POST['email']);
$pass = mysql_real_escape_string($_POST['pass']);
$sql = mysql_query("SELECT * FROM users WHERE email='".$email."'");
$num = mysql_fetch_assoc($sql);
if ($num['password'] == $pass)) {
$_SESSION['user'] = $num['user_id'];
header ("Location: home.php");
}
else {
echo "Cannot login";
}
}
有什么提示吗?谢谢你
session_start();
include_once'dbconnect.php';
if (isset($_SESSION['user']) != "") {
header ("Location: home.php");
}
if (isset($_POST['login'])) {
$email = mysql_real_escape_string($_POST['email']);
$pass = mysql_real_escape_string($_POST['pass']);
$sql = mysql_query("SELECT * FROM users WHERE email='".$email."'");
$num = mysql_fetch_assoc($sql);
if(count($num)>0){
if ($num['password'] == $pass)) {
$_SESSION['user'] = $num['user_id'];
header ("Location: home.php");
}
else {
echo "Cannot login";
}
}else{
echo "Cannot login, email id not found";
}
}
确保从数据库获取密码
1.I think Your password encrypted in db.
2.Check it out it may be md5,sha etc.
3.If yes. Change Like this
if ($num['password'] == md5($pass)){
.
.
.
.
}