Php 在登录的同一页面上显示错误消息
我试图在同一页上显示错误消息。我知道我必须使用javascript。这是到目前为止我的代码。但是它说1之后。我想这是我的儿子写的==0如何摆脱此1Php 在登录的同一页面上显示错误消息,php,html,mysql,Php,Html,Mysql,我试图在同一页上显示错误消息。我知道我必须使用javascript。这是到目前为止我的代码。但是它说1之后。我想这是我的儿子写的==0如何摆脱此1 <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { $host_name = 'localhost'; $db_user ='root'; $
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$host_name = 'localhost';
$db_user ='root';
$db_pass = '';
$db_name = 'login';
/* Connect to MySQL */
$con = mysql_connect("$host_name","$db_user","$db_pass") or die ("Couldn't connect!");
$db = mysql_select_db("$db_name") or die ("Couldn't connect to database!");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
/*Check to see if they match! */
if ($username==$dbusername&&$password==$dbpassword)
{
echo "You're in! <a href='member.php'> Click</a> here to enter the member page";
$_SESSION['username']==$username;
}
else
echo "Incorrect password";
}
else
die("That user doesn't exist!");
echo $numrows;
}
else
die("Please enter username and/or password!");
?>
您并不需要JavaScript来完成这项工作。你可以用PHP来做。如下图所示
我已经修改了你的PHP代码。将其放置在执行登录的文件中
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if (!empty($username) && !empty($password))
{
$host_name = 'localhost';
$db_user ='root';
$db_pass = '';
$db_name = 'login';
$con = mysql_connect($host_name, $db_user, $db_pass) or die ("Couldn't connect!");
$db = mysql_select_db($db_name) or die ("Couldn't connect to database!");
$query = mysql_query("SELECT * FROM users WHERE username=".mysql_real_escape_string($username)." and password = ".mysql_real_escape_string($password));
$numrows = mysql_num_rows($query);
if($numrows == 1)
{
$_SESSION['username'] = $username; //Store username to session for futher authorization
header("Location: member.php"); //Redirect user to home page
}
else {
$_SESSION['errMsg'] = "Invalid username or password";
}
header("Location: login.php"); //Redirect user back to your login form
}
else {
die("Please enter username and/or password!");
}
?>
您的代码非常容易受到mysql注入的攻击,只需删除echo$numrows;好的,谢谢,请告知javaI做了以下更改,但是它仍然导致另一个页面出现错误的密码,但在上面我得到了用户名和密码的未定义索引:当我包括会话开始时,我一直得到这个,当我删除它时,我没有得到这些错误,我还注意到当我点击后退按钮时,它显示了无效的用户名和密码有时,密码就在我的登录表单上方。@user3369387您需要将登录代码放在一个单独的文件(称为“login check.php”)中,将HTML代码放在另一个文件(如“login.php”)中,然后将该文件中的操作设置为“login check.php”
<?php session_start(); ?>
<html>
<body>
<div id="errMsg">
<?php if(!empty($_SESSION['errMsg'])) { echo $_SESSION['errMsg']; } ?>
</div>
<?php unset($_SESSION['errMsg']); ?>
</body>