提交的空白值和返回的mysql查询存在问题一开始我忽略了这个问题。这是： <?php $link = mysql_connect('127.0.0.1', 'ilhan', 'password123'); if(!$link) { die('Could not connect: ' . mysql_error()); } mysql_select_db("metu", $link); mysql_set_charset('utf8',$link); if(isset($_POST["email"])) // AND strlen($_POST["email"])>1 solves the problem // but I didn't get why the page is redirected... { $email = mysql_real_escape_string($_POST["email"]); $password = mysql_real_escape_string($_POST["password"]); $result = mysql_query("SELECT password, id FROM users WHERE email = '$email'"); if (!$result) { die('Invalid query: ' . mysql_error()); } $row = mysql_fetch_assoc($result); if($row['password'] == $password) { $_SESSION['valid_user'] = $row['id']; mysql_close($link); header("Location: http://www.example.com"); } else $login = false; mysql_close($link); } else $login = false; ?>_Php_Mysql_Easyphp

提交的空白值和返回的mysql查询存在问题一开始我忽略了这个问题。这是： <?php $link = mysql_connect('127.0.0.1', 'ilhan', 'password123'); if(!$link) { die('Could not connect: ' . mysql_error()); } mysql_select_db("metu", $link); mysql_set_charset('utf8',$link); if(isset($_POST["email"])) // AND strlen($_POST["email"])>1 solves the problem // but I didn't get why the page is redirected... { $email = mysql_real_escape_string($_POST["email"]); $password = mysql_real_escape_string($_POST["password"]); $result = mysql_query("SELECT password, id FROM users WHERE email = '$email'"); if (!$result) { die('Invalid query: ' . mysql_error()); } $row = mysql_fetch_assoc($result); if($row['password'] == $password) { $_SESSION['valid_user'] = $row['id']; mysql_close($link); header("Location: http://www.example.com"); } else $login = false; mysql_close($link); } else $login = false; ?>

php mysql

提交的空白值和返回的mysql查询存在问题一开始我忽略了这个问题。这是： <?php $link = mysql_connect('127.0.0.1', 'ilhan', 'password123'); if(!$link) { die('Could not connect: ' . mysql_error()); } mysql_select_db("metu", $link); mysql_set_charset('utf8',$link); if(isset($_POST["email"])) // AND strlen($_POST["email"])>1 solves the problem // but I didn't get why the page is redirected... { $email = mysql_real_escape_string($_POST["email"]); $password = mysql_real_escape_string($_POST["password"]); $result = mysql_query("SELECT password, id FROM users WHERE email = '$email'"); if (!$result) { die('Invalid query: ' . mysql_error()); } $row = mysql_fetch_assoc($result); if($row['password'] == $password) { $_SESSION['valid_user'] = $row['id']; mysql_close($link); header("Location: http://www.example.com"); } else $login = false; mysql_close($link); } else $login = false; ?>,php,mysql,easyphp,Php,Mysql,Easyphp,空$row['password']等于空$password。评估为true 这就是我要做的 if($row['password'] == $password) 如果$\u POST[“email”]为空字符串->isset将返回true 编辑：添加if（isset（$\u POST[“email”]）和&isset（$\u POST[“password”]）以避免空密码，并确保$row在`if（$row['password']=$password）使用mysql\u num\u rows函

空

$row['password']

等于空

$password

。评估为

true

这就是我要做的

if($row['password'] == $password)


如果$\u POST[“email”]为空字符串->isset将返回true
编辑：添加if（isset（$\u POST[“email”]）和&isset（$\u POST[“password”]）
以避免空密码，并确保$row
在`if（$row['password']=$password）
使用mysql\u num\u rows函数查找返回的行数。mysql_查询将在出错时返回FALSE，但在您的情况下，如果电子邮件为空，您的SQL仍然是有效的SQL。它只会返回一个空的结果集。我知道blank不是“notset”，但mysql会返回什么作为密码？我的表中空白的对应行是什么，以便返回空白密码？这没有意义。我知道，然后它不应该通过if（$row['password']=$password）。重定向就在其中。
<?php
include 'db.php';    
if(isset($_POST["email"]))
{
    $sql = "SELECT id FROM users WHERE email='%s' AND password='%s'";
    $id  = dbGetOne($sql,$_POST["email"],MD5($_POST["email"].$_POST["password"]));
    if($id) 
    {
        $_SESSION['valid_user'] = $row['id'];
        header("Location: http://www.example.com");
        exit;
    }
}

  if(isset($_POST["email"])) 
 // AND strlen($_POST["email"])>1 solves the problem 
 // but I didn't get why the page is redirected...