Fatal编程技术网
  • php/
  • 这是我用于登录的简单php脚本,我无法从数据库发布值

这是我用于登录的简单php脚本,我无法从数据库发布值

php mysql post

这是我用于登录的简单php脚本,我无法从数据库发布值,php,mysql,post,Php,Mysql,Post,这是整个php脚本。连接到数据库后不会发生任何事情 $con = mysqli_connect("localhost:3306", "xyz", "xyz", "xyz"); echo "connected to the database"; if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } 这是表单连接到数据库后的php脚本 if (isset(

这是整个php脚本。连接到数据库后不会发生任何事情

$con = mysqli_connect("localhost:3306", "xyz", "xyz", "xyz");
echo "connected to the database";

if (mysqli_connect_errno()) {
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
这是表单连接到数据库后的php脚本

if (isset($_POST['submit']))
 //program never enters this
{
    if (isset($_POST['id']) && isset($_POST['name']) && ($_POST['pass'])) {
        $i_d = $_POST['id'];
        $username = $_POST['uname'];
        $password = $_POST['pass'];
        $sql = "SELECT * FROM emp WHERE ID='$i_d' and User_Name='$username' and  Password='$password' and active=1";
        $result = mysqli_query($con, $sql) or die(mysqli_error());
        $count = mysqli_num_rows($result);
        if ($count == 1) {
            echo "You are logged in";
        } else {
            echo "Login Failed";
        }
    }
}
尝试回显
$\u POST['submit']
$\u POST['id']
$\u POST['name']
$\u POST['pass']
并检查您是否正在获取数据。

尝试以下操作:

/* ESTABLISH CONNECTION */

$con=mysqli_connect("localhost:3306","xyz","xyz","xyz");
echo "connected to the database";

if (mysqli_connect_errno()) {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}   


/* this is the php script after the form is connected to database. */

   if (isset($_POST['submit'])) /* IF SUBMIT BUTTON IS CLICKED. MAKE SURE THE NAME OF YOUR SUBMIT BUTTON IS 'submit' */
    { 
    if (!empty($_POST['id']) && !empty($_POST['name']) && !empty($_POST['pass'])){ /* YOU FORGOT THE THIRD CONDITION ON THIS PART*/

/* USE AT LEAST REAL ESCAPE FUNCTION TO PREVENT SQL INJECTION */

      $i_d = mysqli_real_escape_string($con,$_POST['id']); 
      $username = mysqli_real_escape_string($con,$_POST['uname']);
      $password = mysqli_real_escape_string($con,$_POST['pass']);

      $sql = "SELECT * FROM emp WHERE ID='$i_d' AND User_Name='$username' AND Password='$password' AND active='1'"; /* YOUR QUERY. MAKE SURE YOU HAVE YOUR PUT THE COLUMN NAMES CORRECTLY. */
      $result = mysqli_query($con,$sql); /* EXECUTE QUERY */

      $count = mysqli_num_rows($result); /* COUNT THE RESULT OF YOUR QUERY */ 
      if ($count == 1){
      echo "You are logged in";
      }

      else { echo "Login Failed"; } 

    } /* END OF IF NOT EMPTY SUBMITTED DATA */

   } /* END OF IF ISSET SUBMIT */
注:
  • 我已经对我对您的代码所做的更改发表了评论
  • 您忘记了
    $\u POST['pass']
    变量的IF条件
  • 至少使用mysqli\u real\u escape\u string函数来防止SQL注入
  • 确保在查询中输入了
    emp
    表中的正确列名
如果(isset($_POST['submit']){} 然后查看您是否在post数组()中获得[submit]=>submit
检查“提交”按钮的名称它必须是与此代码有关的问题(但与您的问题无关):您的数据库中有纯文本密码,并且您可能受到SQL注入攻击。查看准备好的语句是如何工作的,并将密码作为散列存储在数据库中。您有
$\u POST['name']
$\u POST['uname']
两种情况。发布一个变量转储
$\u POST
是的,我纠正了uname错误,但仍然不起作用尝试从查询中删除$i\u d的单引号,因为它是一个数字,并尝试回显$count。检查您是否得到任何计数。我使用了您的脚本并纠正了我的错误,我得到了错误“警告:mysqli_num_rows()期望参数1是mysqli_result,布尔值在第34行的C:\wamp\www\Doc.php中给出” 
print_r($_POST);