如何在php中建立错误登录查询
这是我对PHP的登录查询。我想当一个用户给出错误的答案时,该用户被重定向到一个错误的网站。我该怎么做如何在php中建立错误登录查询,php,Php,这是我对PHP的登录查询。我想当一个用户给出错误的答案时,该用户被重定向到一个错误的网站。我该怎么做 <?php session_start(); $db_username = "root"; $db_password = ""; $con = new PDO('mysql:host=localhost;dbname=test', $db_username, $db_password); if ($_SERVER['REQUEST_METH
<?php
session_start();
$db_username = "root";
$db_password = "";
$con = new PDO('mysql:host=localhost;dbname=test', $db_username, $db_password);
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$query = $con->prepare(" SELECT username FROM faceflow WHERE username=:username AND password=:password");
$query->execute(array(
':username' => $_POST['username'],
':password' => $_POST['password']
));
$results = $query->fetchAll(PDO::FETCH_ASSOC);
$_SESSION['username'] = $results[0]['username'];
header('Location: /test/membership/loggedin.php');
}
else
{
die("Die hacker!");
}
?>
试试看,它对我有用 旁注:出于测试目的,
header()
都被注释掉了
noaccess.php
是一个文件名示例
<?php
session_start();
$db_username = "root";
$db_password = "";
$con = new PDO('mysql:host=localhost;dbname=test', $db_username, $db_password);
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$query = $pdo->prepare(" SELECT username FROM faceflow WHERE username=:username AND password=:password");
$query->execute(array(
':username' => $_POST['username'],
':password' => $_POST['password']
));
$results = $query->fetchAll(PDO::FETCH_ASSOC);
if($results){
$_SESSION['username'] = $results[0]['username'];
// header('Location: /test/membership/loggedin.php');
echo "You have access";
}
if(!$results){
// header('Location: /test/membership/noaccess.php');
echo "Sorry";
}
}
用头()替换模具()
?似乎合乎逻辑。不要存储纯文本(或加密的…)密码,使用盐哈希。好的,那么,如果(!results){//redirect}
您的逻辑是错误的,否则
是如果($\u SERVER['REQUEST\u METHOD']='POST')
的一部分。检查是否找到一行,如果没有,则重定向。对,@Fred ii-说了什么。。。。。。