php登录不工作
我有一个mysql表,其中包含以下字段: 身份证 用户名 密码 角色 管理员的角色号为1,普通用户的角色号为2php登录不工作,php,mysql,error-handling,Php,Mysql,Error Handling,我有一个mysql表,其中包含以下字段: 身份证 用户名 密码 角色 管理员的角色号为1,普通用户的角色号为2 <?php // we must never forget to start the session session_start(); $errorMessage = ''; if (isset($_POST['username']) && isset($_POST['password'])) { include 'library/connect
<?php
// we must never forget to start the session
session_start();
$errorMessage = '';
if (isset($_POST['username']) && isset($_POST['password'])) {
include 'library/connect.php';
$username = $_POST['username'];
$password = $_POST['password'];
// check if the user id and password combination exist in database
$sql = "SELECT role FROM user WHERE username = '$username' AND password = '$password'";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
$row = mysql_fetch_array($result);
if (mysql_num_rows($result) == 1 AND $row['role']==2) {
// the user id and password match,
// set the session
$_SESSION['userame'] = true;
// after login we move to the main page
header('Location: login_success.php');
exit;
}
elseif (mysql_num_rows($result) == 1 AND $row['role']== 1) {
// the user id and password match,
// set the session
$_SESSION['admin'] = true;
$_SESSION['username'] = true;
// after login we move to the main page
header('Location: admin.php');
exit;
}
else {
$errorMessage = 'Sorry, wrong user id / password <a href="login.html">Go Back</a>';
}
include 'library/closedb.php';
}
?>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
您在角色=2的第一个if
块中拼错了用户名
$\u会话['userame']=true代码>看起来是打字错误造成的:
$_SESSION['userame'] = true;
如果它不能解决这个问题,你能给login_success.php一个密码吗
if (mysql_num_rows($result) == 1 AND $row['role']==2) {
// the user id and password match,
// set the session
$_SESSION['username'] = true;
// after login we move to the main page
header('Location: login_success.php');
exit;
}
警告:此代码易受攻击。我知道,不关注安全性,这是这里还是您的代码中的一个输入错误<代码>$\u会话['userame']=true代码>是否应该是$\u会话['username']?您是否收到任何错误消息,是否确认了非管理员用户的登录详细信息?你也应该加密你的密码@DamienPirsy那是什么意思?对不起,我是新来phpYeah的,它的第一天和第一次回应几乎是不可能的
if (mysql_num_rows($result) == 1 AND $row['role']==2) {
// the user id and password match,
// set the session
$_SESSION['username'] = true;
// after login we move to the main page
header('Location: login_success.php');
exit;
}