Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/274.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何使用mysqli查询验证简单的php登录表单?_Php_Html_Mysqli - Fatal编程技术网
Fatal编程技术网
  • php/
  • 如何使用mysqli查询验证简单的php登录表单?

如何使用mysqli查询验证简单的php登录表单?

php html

如何使用mysqli查询验证简单的php登录表单?,php,html,mysqli,Php,Html,Mysqli,这是我的php代码 <?php $con=mysqli_connect("","","",""); if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); }\\check connection $username = mysqli_real_escape_string($con, $_POST["username"]); $password=mysqli_r

这是我的php代码

<?php
$con=mysqli_connect("","","","");
if (mysqli_connect_errno()) {   echo "Failed to connect to MySQL: " . mysqli_connect_error();
}\\check connection
$username = mysqli_real_escape_string($con, $_POST["username"]); $password=mysqli_real_escape_string($con$_POST["password"]); \\get the input values                                              
if ($_SERVER["REQUEST_METHOD"] == "POST")\\check for the form method
{
    session_start();\\start the session 
if(!empty($_POST["username"]))
{
    if(!empty($_POST["password"]))
    {\\ if the username and password is not empty,then execute the query

    $res=("SELECT * FROM personal WHERE username='".$username."' password='".$password."') or die(mysqli_error());\\get the row value accoring to the input username and password
    if(mysqli_num_rows($res) == 1)\\to check the number of rows, if it is 1 then execute the loop
    {
        $row = mysqli_fetch_array($res,MYSQLI_ASSOC);
        $user = $row['username'];
        $pass = $row['password'];\\assign the row values to the variables
        if ($password != $pass)
        {
       echo"Please Register your details";
        } \\if not match
        else{
            header("Location:home.php");
        }\\else goto home page
    }
    else{
        echo"Enter the Valid Password";\\error message
        }
}
else {
    echo"Enter the Valid Username";\\error message
}
}
mysqli_free_result($res);
}
mysqli_close($con);\\close connection

对于这样的东西来说是个更好的地方。现在还不清楚你到底在问什么,所以我只是重构了你的PHP代码,希望这能有所帮助


<?php

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

$username = filter_input(INPUT_POST, "username", FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
$password = filter_input(INPUT_POST, "password", FILTER_UNSAFE_RAW);

if ($username && $password) {
  try {
    $connection = new \mysqli("localhost", "root", "password", "database");
    $stmt = $connection->prepare("SELECT `id`, `password` FROM `personal` WHERE `username` = ? LIMIT 1");
    $stmt->bind_param("s", $username);
    $stmt->execute();
    $stmt->bind_result($id, $hash);
    $found = $stmt->fetch();
    if ($found === true && password_verify($password, $hash)) {
      session_start();
    }
    else {
      echo "We either don't know the username or the password was wrong.";
    }
    $stmt->close();
    $connection->close();
  }
  catch (\mysqli_sql_exception $e) {
    echo "An error ocurred while communicating with the database, please hang in there until it's fixed.";
  }
}
else {
  echo "Please enter a username and a password.";
}



我不知道你想要什么,但我认为你的代码中有他们的错误


  $res="SELECT * FROM personal WHERE username='".$username."' password='".$password."'";
  $result=mysqli_query($con,$sql));
  if(mysqli_num_rows($result) == 1)
   {

    }


您在字符串中声明了sql查询,但从未触发过它。


如果这是导致问题的原因,那么这应该可以解决问题。
您在哪里将$\u POST参数设置为变量?从突出显示的代码中,您可以看到您将第一行的引号弄乱了。

  $res="SELECT * FROM personal WHERE username='".$username."' password='".$password."'";
  $result=mysqli_query($con,$sql));
  if(mysqli_num_rows($result) == 1)
   {

    }