正在尝试为管理员/用户PHP创建登录名
我试图从同一个表单为用户和管理员创建一个登录,根据他们是管理员还是用户将他们重定向到某个页面 我在数据库中为admin创建了一列,并声明admin=1。在输入管理员和用户的详细信息时,我似乎遇到了这个错误 致命错误:对中的非对象调用成员函数query() …第31行的root\CheckLogin.php 感谢您的帮助,谢谢正在尝试为管理员/用户PHP创建登录名,php,mysql,forms,login,admin,Php,Mysql,Forms,Login,Admin,我试图从同一个表单为用户和管理员创建一个登录,根据他们是管理员还是用户将他们重定向到某个页面 我在数据库中为admin创建了一列,并声明admin=1。在输入管理员和用户的详细信息时,我似乎遇到了这个错误 致命错误:对中的非对象调用成员函数query() …第31行的root\CheckLogin.php 感谢您的帮助,谢谢 <?php session_start(); if(!isset($_SESSION['username'])){ // not logged in } ?&
<?php
session_start();
if(!isset($_SESSION['username'])){
// not logged in
}
?>
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
// Query
global $dbh
$result= $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");
// Mysql_num_row is counting table row
$count = $result->rowCount();
// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = mysql_fetch_row($usertype);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file
session_start();
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password';
$_SESSION['admin'] = $row;
// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
if ($_SESSION['admin'] == 1){
header("location:Admin.php");
}
else {
header("location:SuccessLogin.php");
}
$dbh = null;
}
else {
echo "";
}
?>
<html>
<body>
<head>
<title>Login</title>
<link rel="stylesheet" href="style.css" />
<link rel='stylesheet' type='text/css'>
</head>
<div class="lg-container">
<center><i>Wrong Username or Password</i></center>
</body>
</html>
您缺少一个代码>在您的第31行中
global $dbh
应该是
global $dbh;
您应该分配mysql\u connect($host“,$username“,$password”)或die(“无法连接”)代码>到$dbh
如下所示:
$dbh = mysql_connect("$host", "$username", "$password")or die("cannot connect");
将连接变量也传递给myslq\u select\u db
mysql_select_db("$db_name", $dbh)or die("cannot select DB");
下面的链接中有一个代码块
你能试着根据这个更新你的代码吗?链接上有不同的用法。完整的代码
<?php
session_start();
if (!isset($_SESSION['username'])) {
// not logged in
}
?>
<?php
$host = "localhost"; // Host name
$username = ""; // Mysql username
$password = ""; // Mysql password
$db_name = "test"; // Database name
$tbl_name = "members"; // Table name
// Connect to server and select databse.
$dbh=mysqli_connect($host, $username, $password,$db_name) or die("Error " . mysqli_error($dbh));
// username and password sent from form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$result = $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");
// Mysql_num_row is counting table row
$count = $result->num_row;
// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = $usertype->fetch_row();
// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {
// Register $myusername, $mypassword and redirect to file
session_start();
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password';
$_SESSION['admin'] = $row;
// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
if ($_SESSION['admin'] == 1) {
header("location:Admin.php");
} else {
header("location:SuccessLogin.php");
}
$dbh = null;
} else {
echo "";
}
?>
<html>
<body>
<head>
<title>Login</title>
<link rel="stylesheet" href="style.css" />
<link rel='stylesheet' type='text/css'>
</head>
<div class="lg-container">
<center><i>Wrong Username or Password</i></center>
</body>
</html>
标准免责声明(使用mysqli或pdo等)。但是$dbh在哪里定义?您拥有所有的登录信息等,但随后引用了一个全局$dbh,该值似乎未定义/初始化,因此出现了错误。您将mysql.*
函数与PDO函数混合使用rowCount()
您不能这样做,因此会出现错误。选择一个API,而不是两个。连接在哪里或包含连接标记不是问题的答案。您应该将此添加为注释我尝试过此操作,当我登录时收到“错误的用户名或密码”,即使它们与此错误一起正确。注意:未定义的属性:mysqli_result::$num_row in…root\CheckLogin.php第31行change$count=$result->num_row
到$count=mysql\u num\u行($result)
@user3489226单独使用num_row
是无效的。然而,这个答案使用的是基于mysqli.*
的函数,根本不起作用fetch_row()
应该使用mysql_fetch_row()
然而,你应该使用所有mysqli*
函数,这会让你的生活变得更轻松,而不是在出现问题之前“砍掉”;但它不会。你最好给自己找一个可以工作的登录系统。我按照你的建议做了,它可以工作(谢谢),但是即使我以管理员身份登录,它仍然会重定向到同一页面。如果你可以通过print_r($row)exit()调试代码;$row=$usertype->fetch_row()之后;检查你得到了什么。老实说,你在玩火,使用的是mysql.*
函数和纯文本密码。告诉我这只是供个人使用@user3489226如果不是,我建议你停止这个项目,找一个最新的登录系统,使用mysqli.*
和准备好的语句或PDO和PHP的password\u hash()
函数、crypt()
或bcrypt()
或crypt\u BLOWFISH。你正在使用旧的和危险的方法,最终会咬你的“你知道什么”。
<?php
session_start();
if (!isset($_SESSION['username'])) {
// not logged in
}
?>
<?php
$host = "localhost"; // Host name
$username = ""; // Mysql username
$password = ""; // Mysql password
$db_name = "test"; // Database name
$tbl_name = "members"; // Table name
// Connect to server and select databse.
$dbh=mysqli_connect($host, $username, $password,$db_name) or die("Error " . mysqli_error($dbh));
// username and password sent from form
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];
// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$result = $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");
// Mysql_num_row is counting table row
$count = $result->num_row;
// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = $usertype->fetch_row();
// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {
// Register $myusername, $mypassword and redirect to file
session_start();
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password';
$_SESSION['admin'] = $row;
// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
if ($_SESSION['admin'] == 1) {
header("location:Admin.php");
} else {
header("location:SuccessLogin.php");
}
$dbh = null;
} else {
echo "";
}
?>
<html>
<body>
<head>
<title>Login</title>
<link rel="stylesheet" href="style.css" />
<link rel='stylesheet' type='text/css'>
</head>
<div class="lg-container">
<center><i>Wrong Username or Password</i></center>
</body>
</html>