Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/262.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
PHP MySQL表单不工作_Php_Mysql_Forms - Fatal编程技术网
Fatal编程技术网
  • php/
  • PHP MySQL表单不工作

PHP MySQL表单不工作

php mysql forms

PHP MySQL表单不工作,php,mysql,forms,Php,Mysql,Forms,我知道这个问题很难回答,但我对PHP和MySQL还不太熟悉,我发现这段代码不起作用。。。 如果有人告诉我问题出在哪里,我将不胜感激: <?php $hostname = "localhost"; $username = "root"; $password = ""; $database = "lab"; $con = mysqli_connect($hostname, $username, $password, $database); $error = ""; $success = "";

我知道这个问题很难回答,但我对PHP和MySQL还不太熟悉,我发现这段代码不起作用。。。 如果有人告诉我问题出在哪里,我将不胜感激:

<?php
$hostname = "localhost";
$username = "root";
$password = "";
$database = "lab";
$con = mysqli_connect($hostname, $username, $password, $database);
$error = "";
$success = "";
$pass = false;
if (isset($_POST["submit"])) {
$query = mysqli_query($con, "SELECT * FROM accounts WHERE username='" . $_POST["username"] . "' password=''");
if (!$query || mysqli_num_rows($query) <= 0) {
    $error = "Wrong username or password!";
    $success = "";
} else {
    while ($row = mysqli_fetch_assoc($query)) {
        $pass = password_verify($_POST["password"], $row["password"]);
    }
    if ($pass) {
        $error = "";
        $success = "Welcome, " . $_POST['username'] . "!";
    }
}
}
?>
<html>
<head>
<title>Lab</title>
<style>
    #error {
        color: red;
    }

    #success {
        color: green;
    }
</style>
</head>
<body>
<fieldset>
<legend>Log into your account</legend>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
    <span id="error"><?php echo $error; ?></span>
    <br/>
    <span id="error"><?php echo $success; ?></span>
    <br/>
    Username:
    <input type="text" name="username" placeholder="Username"/>
    <br/>
    <br/>
    Password:
    <input type="password" name="password" placeholder="Password"/>
    <br/>
    <br/>
    <input type="submit" name="submit" value="Login"/>
</form>
</fieldset>
</body>
</html>


这是一个无效的查询。您不应该添加
password='
,即使必须添加,您也会在查询中忘记
,因此它无法工作

将查询更改为:


"SELECT * FROM accounts WHERE username='" . $_POST["username"] . "'"



请注意,您的代码易受SQL注入攻击。在修复安全漏洞之前,不应在公共网站上使用此代码。
首先,我注意到了这一点。。这真的是你的意图吗。。。我认为这意味着它将只查询那些没有设置密码的用户


SELECT * FROM accounts WHERE username='" . $_POST["username"] . "' password=''


第二,你的意思是什么(我不知道你现在在做什么


!$query 


第三,您的数据库中没有密码


$password = "";


我从W3学校得到这个,我对它做了一些修改,以满足您的需要


<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "lab";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 

$sql  = mysqli_query($con, "SELECT * FROM accounts WHERE username='" .       
$_POST["username"] . "'and password=''");

$result = $conn->query($sql);

if ($result->num_rows > 0) {
    echo "Welcome"
    }
} else {
    echo "Failed to login";
}
$conn->close();
?>



显示的错误是什么?

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "lab";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 

$sql  = mysqli_query($con, "SELECT * FROM accounts WHERE username='" .       
$_POST["username"] . "'and password=''");

$result = $conn->query($sql);

if ($result->num_rows > 0) {
    echo "Welcome"
    }
} else {
    echo "Failed to login";
}
$conn->close();
?>