Php 登录验证脚本错误
我正在尝试为基于web的MIS编写登录身份验证。下面是我使用的代码。但是,当用户名为“admin”和密码为“12345”时,即使该记录放在数据表中,也不会登录 这是表的SQL代码:Php 登录验证脚本错误,php,mysql,login,Php,Mysql,Login,我正在尝试为基于web的MIS编写登录身份验证。下面是我使用的代码。但是,当用户名为“admin”和密码为“12345”时,即使该记录放在数据表中,也不会登录 这是表的SQL代码: CREATE TABLE accounts ( id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(255) NOT NULL UNIQUE, password CHAR(32) NOT NULL, last_login
CREATE TABLE accounts (
id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(255) NOT NULL UNIQUE,
password CHAR(32) NOT NULL,
last_login DATETIME NOT NULL
);
当我放入echo$stmt->num\u行时返回code>0,因此我猜这意味着在数据库中找不到匹配项。有人能帮我吗
这是我的密码:
您的代码似乎没有问题
输入新记录时,请确保不要输入普通密码字符串,您应该输入密码的md5哈希值,因为代码查找的是哈希值,而不是
原始字符串。从phpmyadmin插入密码时,是否确实输入了md5哈希值?因为代码搜索的是散列值,而不是密码字符串
<?php
// Sanitize incoming username and password
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
// Connect to the MySQL server
$db = new mysqli("localhost", "root", "qwerty", "MIS");
// Determine whether an account exists matching this username and password
$stmt = $db->prepare("SELECT id FROM accounts WHERE username = ? and password = md5(?)");
// Bind the input parameters to the prepared statement
$stmt->bind_param('ss', $username, $password);
// Execute the query
$stmt->execute();
// Store the result so we can determine how many rows have been returned
$stmt->store_result();
if ($stmt->num_rows == 1) {
// Bind the returned user ID to the $id variable
$stmt->bind_result($id);
$stmt->fetch();
// Update the account's last_login column
$stmt = $db->prepare("UPDATE accounts SET last_login = NOW() WHERE id = ?");
$stmt->bind_param('d', $id);
$stmt->execute();
session_start();
$_SESSION['username'] = $username;
// Redirect the user to the home page
header('Location: http://localhost/');
}
?>