Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/68.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
正在尝试为管理员/用户PHP创建登录名_Php_Mysql_Forms_Login_Admin - Fatal编程技术网
Fatal编程技术网
  • php/
  • 正在尝试为管理员/用户PHP创建登录名

正在尝试为管理员/用户PHP创建登录名

php mysql forms login

正在尝试为管理员/用户PHP创建登录名,php,mysql,forms,login,admin,Php,Mysql,Forms,Login,Admin,我试图从同一个表单为用户和管理员创建一个登录,根据他们是管理员还是用户将他们重定向到某个页面 我在数据库中为admin创建了一列,并声明admin=1。在输入管理员和用户的详细信息时,我似乎遇到了这个错误 致命错误:对中的非对象调用成员函数query() …第31行的root\CheckLogin.php 感谢您的帮助,谢谢 <?php session_start(); if(!isset($_SESSION['username'])){ // not logged in } ?&

我试图从同一个表单为用户和管理员创建一个登录,根据他们是管理员还是用户将他们重定向到某个页面

我在数据库中为admin创建了一列,并声明admin=1。在输入管理员和用户的详细信息时,我似乎遇到了这个错误

致命错误:对中的非对象调用成员函数query() …第31行的root\CheckLogin.php

感谢您的帮助,谢谢

<?php
session_start();
if(!isset($_SESSION['username'])){
    // not logged in
}
?>

<?php

$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

// Query
global $dbh
$result= $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");

// Mysql_num_row is counting table row
$count = $result->rowCount();

// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = mysql_fetch_row($usertype);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file 
session_start();
$_SESSION['username'] = '$username';
$_SESSION['password'] = '$password'; 
$_SESSION['admin'] = $row;

// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
if ($_SESSION['admin'] == 1){
    header("location:Admin.php");
    }
else {
    header("location:SuccessLogin.php");
    }
$dbh = null;
}
else {
echo "";
}
?> 

<html>
<body>
<head>
<title>Login</title>
<link rel="stylesheet" href="style.css" />
<link rel='stylesheet' type='text/css'>
</head>
<div class="lg-container">
<center><i>Wrong Username or Password</i></center>
</body>
</html>



您缺少一个
在您的第31行中


global $dbh


应该是


global $dbh;



您应该分配
mysql\u connect($host“,$username“,$password”)或die(“无法连接”)
$dbh
如下所示:


$dbh = mysql_connect("$host", "$username", "$password")or die("cannot connect");


将连接变量也传递给
myslq\u select\u db


mysql_select_db("$db_name", $dbh)or die("cannot select DB");



下面的链接中有一个代码块







你能试着根据这个更新你的代码吗?链接上有不同的用法。
完整的代码


<?php
session_start();
if (!isset($_SESSION['username'])) {
    // not logged in
}
?>

<?php
$host = "localhost"; // Host name 
$username = ""; // Mysql username 
$password = ""; // Mysql password 
$db_name = "test"; // Database name 
$tbl_name = "members"; // Table name 
// Connect to server and select databse.
$dbh=mysqli_connect($host, $username, $password,$db_name) or die("Error " . mysqli_error($dbh));

// username and password sent from form 
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$result = $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");

// Mysql_num_row is counting table row
$count = $result->num_row;

// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = $usertype->fetch_row();

// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {

// Register $myusername, $mypassword and redirect to file 
    session_start();
    $_SESSION['username'] = '$username';
    $_SESSION['password'] = '$password';
    $_SESSION['admin'] = $row;

// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
    if ($_SESSION['admin'] == 1) {
        header("location:Admin.php");
    } else {
        header("location:SuccessLogin.php");
    }
    $dbh = null;
} else {
    echo "";
}
?> 

<html>
    <body>
    <head>
        <title>Login</title>
        <link rel="stylesheet" href="style.css" />
        <link rel='stylesheet' type='text/css'>
    </head>
    <div class="lg-container">
        <center><i>Wrong Username or Password</i></center>
    </body>
</html>





标准免责声明(使用mysqli或pdo等)。但是$dbh在哪里定义?您拥有所有的登录信息等,但随后引用了一个全局$dbh,该值似乎未定义/初始化,因此出现了错误。您将
mysql.*
函数与PDO函数混合使用
rowCount()
您不能这样做,因此会出现错误。选择一个API,而不是两个。连接在哪里或包含连接标记不是问题的答案。您应该将此添加为注释我尝试过此操作,当我登录时收到“错误的用户名或密码”,即使它们与此错误一起正确。注意:未定义的属性:mysqli_result::$num_row in…root\CheckLogin.php第31行change
$count=$result->num_row
$count=mysql\u num\u行($result)
@user3489226单独使用
num_row
是无效的。然而,这个答案使用的是基于
mysqli.*
的函数,根本不起作用
fetch_row()
应该使用
mysql_fetch_row()
然而,你应该使用所有
mysqli*
函数,这会让你的生活变得更轻松,而不是在出现问题之前“砍掉”;但它不会。你最好给自己找一个可以工作的登录系统。我按照你的建议做了,它可以工作(谢谢),但是即使我以管理员身份登录,它仍然会重定向到同一页面。如果你可以通过print_r($row)exit()调试代码;$row=$usertype->fetch_row()之后;检查你得到了什么。老实说,你在玩火,使用的是
mysql.*
函数和纯文本密码。告诉我这只是供个人使用@user3489226如果不是,我建议你停止这个项目,找一个最新的登录系统,使用
mysqli.*
和准备好的语句或PDO和PHP的
password\u hash()
函数、
crypt()
bcrypt()
或crypt\u BLOWFISH。你正在使用旧的和危险的方法,最终会咬你的“你知道什么”。

<?php
session_start();
if (!isset($_SESSION['username'])) {
    // not logged in
}
?>

<?php
$host = "localhost"; // Host name 
$username = ""; // Mysql username 
$password = ""; // Mysql password 
$db_name = "test"; // Database name 
$tbl_name = "members"; // Table name 
// Connect to server and select databse.
$dbh=mysqli_connect($host, $username, $password,$db_name) or die("Error " . mysqli_error($dbh));

// username and password sent from form 
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$result = $dbh->query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword';");

// Mysql_num_row is counting table row
$count = $result->num_row;

// Determine if user is "user" or "admin"
$usertype = $dbh->query("SELECT admin FROM members WHERE username='$myusername';");
$row = $usertype->fetch_row();

// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {

// Register $myusername, $mypassword and redirect to file 
    session_start();
    $_SESSION['username'] = '$username';
    $_SESSION['password'] = '$password';
    $_SESSION['admin'] = $row;

// Redirect to appropriate page depending on user rights. Indicator 0 for user, 1 for admin.
    if ($_SESSION['admin'] == 1) {
        header("location:Admin.php");
    } else {
        header("location:SuccessLogin.php");
    }
    $dbh = null;
} else {
    echo "";
}
?> 

<html>
    <body>
    <head>
        <title>Login</title>
        <link rel="stylesheet" href="style.css" />
        <link rel='stylesheet' type='text/css'>
    </head>
    <div class="lg-container">
        <center><i>Wrong Username or Password</i></center>
    </body>
</html>