Php 在登录的同一页面上显示错误消息

Php 在登录的同一页面上显示错误消息,php,html,mysql,Php,Html,Mysql,我试图在同一页上显示错误消息。我知道我必须使用javascript。这是到目前为止我的代码。但是它说1之后。我想这是我的儿子写的==0如何摆脱此1 <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { $host_name = 'localhost'; $db_user ='root'; $

我试图在同一页上显示错误消息。我知道我必须使用javascript。这是到目前为止我的代码。但是它说1之后。我想这是我的儿子写的==0如何摆脱此1

<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{
    $host_name = 'localhost';
$db_user ='root';
$db_pass = '';
$db_name = 'login';
/* Connect to MySQL */
 $con = mysql_connect("$host_name","$db_user","$db_pass") or die ("Couldn't connect!");
 $db = mysql_select_db("$db_name") or die ("Couldn't connect to database!");

 $query = mysql_query("SELECT * FROM users WHERE username='$username'");
 $numrows = mysql_num_rows($query);
 if ($numrows!=0)
 {

    while ($row = mysql_fetch_assoc($query))
    {
        $dbusername = $row['username'];
        $dbpassword = $row['password'];

    }
    /*Check to see if they match! */
    if ($username==$dbusername&&$password==$dbpassword)
    {
        echo "You're in! <a href='member.php'> Click</a> here to enter the member page";
            $_SESSION['username']==$username;
    }
    else
        echo "Incorrect password";
    }
     else
        die("That user doesn't exist!");

    echo $numrows;
 }
 else
    die("Please enter username and/or password!");

?>

您并不需要JavaScript来完成这项工作。你可以用PHP来做。如下图所示

我已经修改了你的PHP代码。将其放置在执行登录的文件中

<?php

    session_start();
    $username = $_POST['username'];
    $password = $_POST['password'];

    if (!empty($username) && !empty($password))
    {
        $host_name = 'localhost';
        $db_user ='root';
        $db_pass = '';
        $db_name = 'login';

         $con = mysql_connect($host_name, $db_user, $db_pass) or die ("Couldn't connect!");
         $db = mysql_select_db($db_name) or die ("Couldn't connect to database!");

         $query = mysql_query("SELECT * FROM users WHERE username=".mysql_real_escape_string($username)." and password = ".mysql_real_escape_string($password));
         $numrows = mysql_num_rows($query);

         if($numrows == 1)
         {
            $_SESSION['username'] = $username; //Store username to session for futher authorization 
            header("Location: member.php"); //Redirect user to home page
         }
         else {
                $_SESSION['errMsg'] = "Invalid username or password";
         }
        header("Location: login.php"); //Redirect user back to your login form
     }
     else {
        die("Please enter username and/or password!");
      }

    ?>

您的代码非常容易受到mysql注入的攻击,只需删除echo$numrows;好的,谢谢,请告知javaI做了以下更改,但是它仍然导致另一个页面出现错误的密码,但在上面我得到了用户名和密码的未定义索引:当我包括会话开始时,我一直得到这个,当我删除它时,我没有得到这些错误,我还注意到当我点击后退按钮时,它显示了无效的用户名和密码有时,密码就在我的登录表单上方。@user3369387您需要将登录代码放在一个单独的文件(称为“login check.php”)中,将HTML代码放在另一个文件(如“login.php”)中,然后将该文件中的操作设置为“login check.php”
<?php session_start(); ?>
    <html>
    <body>
        <div id="errMsg">
            <?php if(!empty($_SESSION['errMsg'])) { echo $_SESSION['errMsg']; } ?>
        </div>
        <?php unset($_SESSION['errMsg']); ?>
    </body>