Php If语句有效,但else语句无效
我正在创建一个登录表单,在这里我检查电子邮件和密码,如果电子邮件和密码相同,则获取登录并重定向到索引页。。但若用户输入错误的电子邮件或密码,则不会转到else语句Php If语句有效,但else语句无效,php,mysql,if-statement,Php,Mysql,If Statement,我正在创建一个登录表单,在这里我检查电子邮件和密码,如果电子邮件和密码相同,则获取登录并重定向到索引页。。但若用户输入错误的电子邮件或密码,则不会转到else语句 <?php ob_start(); session_start(); if (isset($_POST['login'])) // Login Validation check code ** START ** $errr = ''; // This variable will be used to indicate er
<?php
ob_start();
session_start();
if (isset($_POST['login'])) // Login Validation check code ** START **
$errr = ''; // This variable will be used to indicate error of login email or pwd
{
include('connection.php');
$loginemail= trim($_POST['loginemail']);
$loginpass= trim($_POST['loginpass']);
$sql = "SELECT * FROM `user` WHERE email=\"$loginemail\" and pass=\"$loginpass\"";
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_assoc($result) or die(mysql_error());
if(!empty($row))
{
$_SESSION=array();
$_SESSION['fname']=$row['fname'];
$_SESSION['lname']=$row['lname'];
$_SESSION['status']=true;
header('location: ../index.php');
}
else
{
echo " something wrong ";
}
} // Login Validation check code ** End **
?>
$sql = "SELECT * FROM `user` WHERE email='".$loginemail."' and pass='".$loginpas."' ";
$result = mysql_query($sql) or die(mysql_error());
$ispresent = mysql_num_rows($result);
if($ispresent > 0)
{
$row = mysql_fetch_assoc($result) or die(mysql_error());
$_SESSION['fname']=$row['fname'];
$_SESSION['lname']=$row['lname'];
$_SESSION['status']=true;
header('location: ../index.php');
}
else
{
echo " something wrong ";
exit;
}
if (isset($_POST['login'])) // Login Validation check code ** START **
$errr = ''; // This variable will be used to indicate error of login email or pwd
{
if (isset($_POST['login'])) // Login Validation check code ** START **
{
$errr = '';
if($row = mysqli_fetch_array($result))
{ //login sucessfull
}
else
{
// incorrect
}
$sql = "SELECT * FROM `user` WHERE email='".$loginemail."' and pass='".$loginpass."';
并检查“输入用户名和密码时,您使用的是来自用户的不安全输入,这可能会导致sql注入”您在这里出错。如果条件允许,您首先启动错误
if (isset($_POST['login'])) // Login Validation check code ** START **
$errr = ''; // This variable will be used to indicate error of login email or pwd
{
if (isset($_POST['login'])) // Login Validation check code ** START **
{
$errr = ''; // This variable will be used to indicate error of login email or pwd]
// some changes in sql also you can use LIMIT 1 when you required exactly one result to be fetch.
$sql = "SELECT * FROM `user` WHERE email='$loginemail' and pass='$loginpass' LIMIT 1 ";
$result = mysql_query($sql) or die(mysql_error());
if($row = mysql_fetch_assoc($result))
{
$_SESSION=array();
$_SESSION['fname']=$row['fname'];
$_SESSION['lname']=$row['lname'];
$_SESSION['status']=true;
header('location: ../index.php');
}
else
{
echo " something wrong ";
}
注意:mysql_*现在不推荐使用。用户mysqli_*或PDO$行永远不会为空。在许多情况下,empty不能与字符串变量一起使用,因为一个简单的事实是,如果将变量设置为字符串值“0”,empty将返回true。如果字符串字符“0”可能是字符串变量的有效值,请检查如果mysql_num_rows$result>0,请改为EmptySideIndicate:不要使用mysql_*函数,使用mysqli或PDO时不推荐使用它们。大括号{}如果我尝试了,但仍然不起作用,如果ID pwd正确,它将重定向到主页,但如果ID pwd不正确,则只显示空白页,而不是出现错误@当pwd错误时,是否执行ShaikhNomanNasir检查其他条件。您可以通过回显某个内容进行检查,然后退出。查看我的编辑Yes I checked else条件未在错误密码下执行它显示空白页而不是显示echovar_dump result和ispresent plsyup@ShaikhNomanNasir尝试将$ispresent的值作为Royal Bg进行回显said@SatishSharma如果我们发现了类似的东西,我们会标记它,但告诉其他人标记,这是个人的决定