Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/269.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
php登录不工作_Php_Mysql_Error Handling - Fatal编程技术网
Fatal编程技术网
  • php/
  • php登录不工作

php登录不工作

php mysql error-handling

php登录不工作,php,mysql,error-handling,Php,Mysql,Error Handling,我有一个mysql表,其中包含以下字段: 身份证 用户名 密码 角色 管理员的角色号为1,普通用户的角色号为2 <?php // we must never forget to start the session session_start(); $errorMessage = ''; if (isset($_POST['username']) && isset($_POST['password'])) { include 'library/connect

我有一个mysql表,其中包含以下字段:

身份证 用户名 密码 角色

管理员的角色号为1,普通用户的角色号为2

    <?php
// we must never forget to start the session
session_start();

$errorMessage = '';
if (isset($_POST['username']) && isset($_POST['password'])) {
    include 'library/connect.php';

    $username   = $_POST['username'];
    $password = $_POST['password'];

    // check if the user id and password combination exist in database
    $sql = "SELECT role FROM user WHERE username = '$username' AND password = '$password'";

    $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); 
    $row = mysql_fetch_array($result);

    if (mysql_num_rows($result) == 1 AND $row['role']==2) {
        // the user id and password match, 
        // set the session
        $_SESSION['userame'] = true;
        // after login we move to the main page
        header('Location: login_success.php');
        exit;
    }
    elseif (mysql_num_rows($result) == 1 AND $row['role']== 1) {
        // the user id and password match, 
        // set the session
        $_SESSION['admin'] = true;
        $_SESSION['username'] = true;
        // after login we move to the main page
        header('Location: admin.php');
        exit;
    }
else {
        $errorMessage = 'Sorry, wrong user id / password <a href="login.html">Go Back</a>';
    }

    include 'library/closedb.php';
}
?>



<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>

您在
角色=2的第一个
if
块中拼错了用户名


$\u会话['userame']=true
看起来是打字错误造成的:


$_SESSION['userame'] = true;


如果它不能解决这个问题,你能给login_success.php一个密码吗


 if (mysql_num_rows($result) == 1 AND $row['role']==2) {
        // the user id and password match, 
        // set the session
        $_SESSION['username'] = true;
        // after login we move to the main page
        header('Location: login_success.php');
        exit;
    }



警告:此代码易受攻击。我知道,不关注安全性,这是这里还是您的代码中的一个输入错误<代码>$\u会话['userame']=true是否应该是$\u会话['username']?您是否收到任何错误消息,是否确认了非管理员用户的登录详细信息?你也应该加密你的密码@DamienPirsy那是什么意思?对不起,我是新来phpYeah的,它的第一天和第一次回应几乎是不可能的

 if (mysql_num_rows($result) == 1 AND $row['role']==2) {
        // the user id and password match, 
        // set the session
        $_SESSION['username'] = true;
        // after login we move to the main page
        header('Location: login_success.php');
        exit;
    }