PHP MYSQLI编写的语句登录并检查用户状态
我正在学习制作一些基于mysqli的视频教程网站。我知道使用预先准备好的语句更安全,我正在尝试创建一个登录系统。以下是我迄今为止所做的工作 此代码帮助我完全成功登录PHP MYSQLI编写的语句登录并检查用户状态,php,mysqli,Php,Mysqli,我正在学习制作一些基于mysqli的视频教程网站。我知道使用预先准备好的语句更安全,我正在尝试创建一个登录系统。以下是我迄今为止所做的工作 此代码帮助我完全成功登录 <form action ="" method="post"> User Name:<br/> <input type='text' name='username' /> <br/><br/> Password:<br/>
<form action ="" method="post">
User Name:<br/>
<input type='text' name='username' />
<br/><br/>
Password:<br/>
<input type='password' name='password' />
<br/><br/>
<input type='submit' name='submit' value='login'>
</form>
<?php
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = md5($_POST['password']);
$stmt = $con->prepare("SELECT username, password FROM users WHERE username=? AND password=? LIMIT 1");
$stmt->bind_param('ss', $username, $password);
$stmt->execute();
$stmt->bind_result($username, $password);
$stmt->store_result();
if($stmt->num_rows == 1) //To check if the row exists
{
while($stmt->fetch()) //fetching the contents of the row
{$_SESSION['Logged'] = 1;
$_SESSION['username'] = $username;
echo 'Success!';
exit();
}
}
else {
echo "INVALID USERNAME/PASSWORD Combination!";
}
$stmt->close();
}
else
{
}
$con->close();
?>
a = activated
n = not activated
d = deactivated
b = banned
?php
//error_reporting(0);
'session_start';
$con = new mysqli('localhost', 'username', 'password', 'database');
if($con->connect_errno > 0){
die('Sorry, We\'re experiencing some connection problems.');
}
?>
我想你需要看看mysqli是如何工作的。这会让你走上正确的方向
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = md5($_POST['password']);
$user_id = 0;
$status = ""
$stmt = $con->prepare("SELECT user_id, username, password, status FROM users WHERE username=? AND password=? LIMIT 1");
$stmt->bind_param('ss', $username, $password);
$stmt->execute();
$stmt->bind_result($user_id, $username, $password, $status);
$stmt->store_result();
if($stmt->num_rows == 1) //To check if the row exists
{
if($stmt->fetch()) //fetching the contents of the row
{
if ($status == 'd') {
echo "YOUR account has been DEACTIVATED.";
exit();
} else {
$_SESSION['Logged'] = 1;
$_SESSION['user_id'] = $user_id;
$_SESSION['username'] = $username;
echo 'Success!';
exit();
}
}
}
else {
echo "INVALID USERNAME/PASSWORD Combination!";
}
$stmt->close();
}
else
{
}
$con->close();
错误消息中有什么不清楚的地方?什么是
$result=$con->query($stmt)用于?我不知道该怎么办我是斯图克我想知道我走对了吗不,你走错了路。出于某种原因,您选择的是完全无用的登录名和密码,但不是您需要的激活内容。我在使用mysql的教程中看到了这一点,并认为它将帮助我检查用户状态。我做错了吗???为什么投反对票呢???非常感谢你,先生。你是世界上第一个帮助我的人,而当我请求帮助时,其他人只是关上了我的门。当我看到它工作时,我流下了眼泪。先生,你会长寿的。是的,它起作用了。你不知道它是否正确???无论如何,非常感谢你,先生。这就是我所要求的。我知道逻辑是正确的,我只是在这里写代码时会犯一些小错误。
?php
//error_reporting(0);
'session_start';
$con = new mysqli('localhost', 'username', 'password', 'database');
if($con->connect_errno > 0){
die('Sorry, We\'re experiencing some connection problems.');
}
?>
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = md5($_POST['password']);
$user_id = 0;
$status = ""
$stmt = $con->prepare("SELECT user_id, username, password, status FROM users WHERE username=? AND password=? LIMIT 1");
$stmt->bind_param('ss', $username, $password);
$stmt->execute();
$stmt->bind_result($user_id, $username, $password, $status);
$stmt->store_result();
if($stmt->num_rows == 1) //To check if the row exists
{
if($stmt->fetch()) //fetching the contents of the row
{
if ($status == 'd') {
echo "YOUR account has been DEACTIVATED.";
exit();
} else {
$_SESSION['Logged'] = 1;
$_SESSION['user_id'] = $user_id;
$_SESSION['username'] = $username;
echo 'Success!';
exit();
}
}
}
else {
echo "INVALID USERNAME/PASSWORD Combination!";
}
$stmt->close();
}
else
{
}
$con->close();