将登录表单与数据库链接

时间:2013-01-11 16:32:36

标签: php login

  

可能重复:
  PHP/MySQL Login issue

当尝试登录网站上的我的会员区域时,它没有与数据库链接,因此输入零数据仍然会将我带到会员区。

以下php和HTML有什么问题。

 <?php
 session_start();
 include("dbconnect.php");
 $numrows=0;
 $sqlMember = mysql_real_escape_string($member);
$sqlPassword = mysql_real_escape_string($password);
$query="select First_name fname, Last_name lname, Email email, Membership_Number from members where (Membership_Number='$sqlMember' and Password='$sqlPassword')";

  $link = mysql_query($query);
 if (!$link) {
  die('login error');
 }
 $numrows=mysql_num_rows($link);
 if ($numrows>0){  // authentication is successfull
  while($row = mysql_fetch_array($query));
  $_SESSION['user']['first_name']=$row['first_name'];
  $_SESSION['user']['last_name']=$row['last_name'];
  $_SESSION['user']['Membership_Number ']=$row['Membership_Number '];
  echo $_SESSION['user']['fname'].' '.$_SESSION['user']['lname'];
  header("location:members_area.php");
 } else {
  header("location:../invalid.php");  // authentication was unsuccessfull
 }
?>

HTML 

<form id="jjjj" action="Send_log_details.php" class="register">
    <ul>
    <li>
    Membership Number:<br>
    <input type="text" id="Membership_Number" name="Membership_Number">
    </li>
        <li>
    Password:<br>
<input type="password"  id="Password" name="Password" value="Log in">
        </li>
    <li>

    <input type="submit" name="register" value="Login" onclick="logMeIn()">             
        </li>
        </ul>
        </form>

2 个答案:

答案 0 :(得分:1)

$sqlMember = mysql_real_escape_string($member);
$sqlPassword = mysql_real_escape_string($password);

应该是

$sqlMember = mysql_real_escape_string($_POST["Membership_Number"]);
$sqlPassword = mysql_real_escape_string($_POST["Password"]);

并且

<form id="jjjj" action="Send_log_details.php" class="register">

应该是

<form id="jjjj" action="Send_log_details.php" class="register" method="POST">

答案 1 :(得分:1)

你的SQL似乎对我不对,我希望我不是。

// Your code
$query="select First_name fname, Last_name lname, Email email, Membership_Number from members where (Membership_Number='$sqlMember' and Password='$sqlPassword')";

// My code
$query="select fname AS First_name, lname AS Last_name, email AS Email, Membership_Number from members where (Membership_Number='$sqlMember' and Password='$sqlPassword')";

此外,如果mysql_num_rows($query) == 1

,我只接受登录成功
相关问题
最新问题