PHP和MYSQL身份验证
我的登录功能不起作用,总是说用户名或密码不起作用。我需要回声确定,如果用户名和密码是正确的,这样我就可以继续我的项目。我的数据库密码设置为md5。以下是y代码: user.php文件PHP和MYSQL身份验证,php,mysql,Php,Mysql,我的登录功能不起作用,总是说用户名或密码不起作用。我需要回声确定,如果用户名和密码是正确的,这样我就可以继续我的项目。我的数据库密码设置为md5。以下是y代码: user.php文件 <?php <?php function sanitize($username)//sanitizes user inputs { $connect = mysqli_connect('localhost','root','','lr'); return mysqli_real_escape_str
<?php
<?php
function sanitize($username)//sanitizes user inputs
{ $connect = mysqli_connect('localhost','root','','lr');
return mysqli_real_escape_string
($connect,$username); }
?>
//checks if user exist
function user_exists($username)
{ $username = sanitize($username);
$conn = @mysqli_connect('localhost', 'root', '', 'lr') OR die("cant connect");
$query = mysqli_query($conn, "SELECT user_id FROM users WHERE username = '$username'");
return(mysqli_num_rows($query) ==1) ? true : false;
}
//checks if user active, if set in database to 1, its active, if set to 0, not active
function user_active($username)
{ $username = sanitize($username);
$conn = @mysqli_connect('localhost', 'root', '', 'lr') OR die("cant connect");
$query = mysqli_query($conn, "SELECT user_id FROM users WHERE username = '$username' AND active =1");
return(mysqli_num_rows($query) ==1) ? true : false;
}
//Gets user id from username
function user_id_from_username ($username) {
$username = sanitize ($username);
return mysql_result(mysqli_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id');
}
function login($username, $password){
$user_id = user_id_from_username($username);
$username = sanitize($username);
$password = MD5($password);
return (mysql_result(mysqli_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username`='$username' AND `password`='$password'"), 0)==1) ? $user_id : false;
}
?>
login.php file
<?php
function sanitize($username)
{ $connect = mysqli_connect('localhost','root','','lr');
return mysqli_real_escape_string
($connect,$username); }
?>
//检查用户是否存在
函数用户_存在($username)
{$username=sanitize($username);
$conn=@mysqli_connect('localhost','root','lr')或die('cant connect');
$query=mysqli_query($conn,“从username='$username'的用户中选择用户id”);
返回(mysqli_num_rows($query)==1)?真:假;
}
//检查用户是否处于活动状态,如果在数据库中设置为1,则检查其是否处于活动状态,如果设置为0,则检查其是否处于非活动状态
函数用户\u活动($username)
{$username=sanitize($username);
$conn=@mysqli_connect('localhost','root','lr')或die('cant connect');
$query=mysqli_query($conn,“从username='$username'和active=1的用户中选择用户id”);
返回(mysqli_num_rows($query)==1)?真:假;
}
//从用户名获取用户id
函数用户\u id\u来自\u用户名($username){
$username=sanitize($username);
返回mysql_结果(mysqli_查询(“从'users'中选择'user_id',其中'username`='$username')),0,'user_id');
}
函数登录($username,$password){
$user\u id=用户名($username)中的用户\u id\u;
$username=sanitize($username);
$password=MD5($password);
返回(mysql\u结果(mysqli\u查询(“从`username`='$username'和`password`='$password')中选择COUNT(`user\u id`)),0)==1)?$user\u id:false;
}
?>
login.php文件
可能您有多个用户名:更改此:返回(mysqli\u num\u rows($query)==1)?真:假代码>到此:返回(mysqli\u num\u rows($query)>0)?真:假代码>请不要抑制错误消息。在它们弹出时修复它们。如果您希望偶尔抛出一个错误,请处理它。不要抑制。您可以通过在phpmyadmin中运行check_用户函数的查询来检查结果集中有多少条记录。