Can';t使用php登录
我在我的代码中找不到任何问题。。但当我尝试使用数据库中的帐户登录时,它说: 未定义的索引等等 请帮帮我。。下面是我的全部php代码:Can';t使用php登录,php,mysql,login,Php,Mysql,Login,我在我的代码中找不到任何问题。。但当我尝试使用数据库中的帐户登录时,它说: 未定义的索引等等 请帮帮我。。下面是我的全部php代码: <?php $admin_id = $_POST['admin_id'];//It says undefined index: admin_id $password = $_POST['password'];//It says undefined index: password $fo
<?php
$admin_id = $_POST['admin_id'];//It says undefined index: admin_id
$password = $_POST['password'];//It says undefined index: password
$found_flag=0;
$con=@mysql_connect("localhost","root","");
if(!$con)
{
die('There is problem on your connection!'.mysql.error());
}
mysql_select_db("dictionary", $con);
if(!empty($_POST['admin_id'])&&($_POST['password']))
{
$result = mysql_query("SELECT admin_id, password FROM admin_acc where admin_id = $admin_id and password = $password");
while($row = mysql_fetch_array($result)) {
$found_flag=$found_flag+1;
}
if($found_flag>0)
{
echo '<p class="clearfix">';
echo '<input type="submit" name="submit" value="Sign in">';
echo '</p>';
}
else {
echo "Sorry,<br>This seemed to be embarrassing but, you might have missing one of the following:"."<br>"."<ul><li>Administrative privilege.</li><li>Correct username.</li><li>Correct password.</li>"."<br><br>";
echo '<form action="admin_login.php" style="margin-left:100px;"><input type="submit" value="Back"></form>';
}
}
mysql_close($con);
?>
这是表单标签
<form class="form-3" action="" method="post">
<p class="clearfix">
<label for="login">Username</label>
<input type="text" name="admin_id" id="login" placeholder="Username" required>
</p>
<p class="clearfix">
<label for="password">Password</label>
<input type="password" name="password" id="password" placeholder="Password" required>
</p>
<div style="float: center; align-text: center;">
</div>
</form>
用户名
密码
您收到的错误消息表明表单提交中不存在所需的表单元素。由于您没有显示表单,这可能是一个简单的情况,即他们没有名称
属性集~表单提交需要名称
,而不是id
!目前,您的代码容易受到sql注入的攻击-使用mysqli
(准备好的语句)或PDO
-或者至少尝试一些过滤以消除不愉快的意外
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' ){
/* basic checking of POSTed variables - with some filtering */
$admin_id = isset( $_POST['admin_id'] ) && !empty( $_POST['admin_id'] ) ? filter_input( INPUT_POST, 'admin_id', FILTER_SANITIZE_STRING ) : false;
$password = isset( $_POST['password'] ) && !empty( $_POST['password'] ) ? filter_input( INPUT_POST, 'password', FILTER_SANITIZE_STRING ) : false;
/* Only proceed with the sql if there is both admin_id & pwd */
if( $admin_id && $password ){
$con=@mysql_connect('localhost','root','') or die('There is problem on your connection!');/* Don't reveal too much information */
mysql_select_db( 'dictionary', $con ) or die('poor choice for database');
/* If you insist on using mysql_* then try to prevent sql injection. Escape strings */
$admin_id=strip_tags( mysql_real_escape_string( $admin_id, $con ) );
$password=strip_tags( mysql_real_escape_string( $password, $con ) );
/* set the sql statement - using quotes around values if they are strings */
$sql="SELECT `admin_id`, `password` FROM `admin_acc` where `admin_id` = '$admin_id' and `password` = '$password';";
$result = mysql_query($sql,$con);
/* Alternative to the counter you used before */
if( mysql_num_rows( $result ) == 1 ){/* Only one can match */
echo '
<p class="clearfix">
<input type="submit" name="submit" value="Sign in">
</p>';/* This button has no form??? Does this use javascript or something - what does it do? */
} else {
echo "Sorry,
<br>This seemed to be embarrassing but, you might have missing one of the following:
<br>
<ul>
<li>Administrative privilege.</li>
<li>Correct username.</li>
<li>Correct password.</li>
</ul>
<br><br>
<form action='admin_login.php' style='margin-left:100px;'>
<input type='submit' value='Back'>
</form>";/* This form has no fields???? */
}
mysql_close( $con );
} else {
/* admin_id &/or password are either missing or empty */
echo '<h1>Missing meaningful input</h1>';
}
} else {
/* display the form perhaps */
echo 'COntent seen only when the page is loaded by GET';
}
?>
你能出示你的表格吗?方法是post吗?它表示没有具有这些名称的表单元素被发布。此外,在sql中,您需要在变量'$admin\u id'
和'$password'
oops.周围使用引号。。等等,我将尝试在我的表单中添加post ni。。反正我已经加进去了。。sameUse仍然在尝试