PHP登录机制的问题
我希望到目前为止你们都度过了美好的一天。关于我创建的PHP和MYSQL登录页面,我有一个问题。它似乎不起作用。提前谢谢你的帮助PHP登录机制的问题,php,mysql,authentication,Php,Mysql,Authentication,我希望到目前为止你们都度过了美好的一天。关于我创建的PHP和MYSQL登录页面,我有一个问题。它似乎不起作用。提前谢谢你的帮助 <?php $db = mysqli_connect("localhost", "root", "", "test"); if (isset($_POST['login'])) { $username = mysqli_real_escape_string($db,$_POST['
<?php
$db = mysqli_connect("localhost", "root", "", "test");
if (isset($_POST['login'])) {
$username = mysqli_real_escape_string($db,$_POST['username']);
$password = mysqli_real_escape_string($db,$_POST['password']);
$query = "SELECT * FROM users WHERE Username='$username' AND Password='$password'";
$result = mysqli_query($db,$query);
$count = mysqli_num_rows($result);
if($count == 1) {
session_register("username");
header('location: home.html');
}else {
echo "Your Login Name or Password is invalid. Please try again.";
} }?>
我正在使用php-pdo
创建简单的登录页面。这是一项成功的工作。所以请你试试这个代码
<?php
session_start();
//This is a database connection
$host_name = "localhost";
$user_name = 'root';
$db_name = "stackoverflow";
$pass = '';
$conn = new PDO("mysql:host=$host_name; dbname=$db_name;", $user_name, $pass);
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
</head>
<body>
<!--- This is a login form ----->
<form method="post">
<input type="text" name="uname" placeholder="Username" required /><br><br>
<input type="password" name="upass" placeholder="Password" required /><br><br>
<button type="submit" name="login-submit" >Login</button>
</form>
</body>
</html>
<?php
if (isset($_POST['login-submit']))
{
$uname = $_POST['uname']; //This is a username
$pass = $_POST['upass']; //This is a password
$sql = "SELECT * FROM login WHERE username LIKE ? AND password LIKE ?"; // This is a sql check username and password in our database
$checkUsernameAndPassword = $conn->prepare($sql);
$checkUsernameAndPassword->execute([$uname, $pass]);
if ($checkUsernameAndPassword->rowCount() == 1) //check if the sql return row 1 then connction success otherwise i will show error.
{
$_SESSION['username'] = $uname;
header('location: index.php');
}
else
{
echo "<h3>Please enter the valid username or password</h3>";
}
}
?>
登录
登录
您会遇到什么错误?您还应该查阅最近的php教程,特别是查找(防止sql注入)和密码哈希(和)。现在,这个登录对于每个想访问您的数据库的人来说都是一个梦想。警告:您对参数化的预处理语句非常开放,应该使用参数化的预处理语句,而不是手动生成查询。它们由或提供。永远不要相信任何形式的输入!即使您的查询仅由受信任的用户执行。切勿以明文或使用MD5/SHA1存储密码!仅存储使用PHP创建的密码哈希,然后可以使用进行验证。看看这篇文章:了解更多关于