回显一个php文件
当我用正确的信息登录我的网站时,我试图打开我的“index.php”文件,但我不断收到错误 这是我的密码:回显一个php文件,php,Php,当我用正确的信息登录我的网站时,我试图打开我的“index.php”文件,但我不断收到错误 这是我的密码: <?php session_start(); include 'dbase.php'; $uid = $_POST['uid']; $pwd = $_POST['pwd']; $sql = "SELECT * FROM user WHERE uid = '$uid' AND pwd = '$pwd'"; $result = $conn->query($sql); if (
<?php
session_start();
include 'dbase.php';
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$sql = "SELECT * FROM user WHERE uid = '$uid' AND pwd = '$pwd'";
$result = $conn->query($sql);
if (!$row = mysqli_fetch_assoc($result))
{
echo "Your username or password is incorrect!";
}
else
{
echo fgets($index);
}
在其他条件块中,重定向到索引文件
if (!$row = mysqli_fetch_assoc($result))
{
echo "Your username or password is incorrect!";
}
else
{
header("location: index.php");
exit();
}
你也应该考虑使用准备好的语句和PDO。准备好的声明将有助于防止
您的dbase.php将类似于
try {
$db = new PDO('mysql:host=localhost;dbname=yourDBName', 'username', 'password');
} catch (PDOException $e) {
echo $e->getMessage();
}
然后是您的实现
include 'dbase.php';
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$sql = "SELECT * FROM `user` WHERE `uid` = :uid AND `pwd` = :pwd";
$statement = $db->prepare($sql);
$userData = [
'uid'=>$uid,
'pwd'=>$pwd
];
$statement->execute($userData);
if($statement->rowCount() > 0){
header('Location: index.php');
exit();
}else{
echo "Your username or password is wrong!";
}
也许可以分享你的错误?