Question

我有一个简单的登录页面，在带有if和elseif语句的顶级简单表单验证上。我想把验证码下面的mysql select where语句写成（elseif）语句。如果电子邮件和密码=数据库表记录中的电子邮件和密码，则它会将使用重定向到安全页面，如果电子邮件或密码不存在或匹配，则最终（else）将显示错误数据库中。

我真的不知道如何以正确的方式做到这一点，这是我的尝试，但它不起作用：

    <?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php

$email = $_POST['Email'];
$hashed_password = md5($_POST['password']);

    if (isset($_POST['submit'])) { // Form has been submitted.

        if ($_POST['Email'] == "") {    
            $error = "Email address is required";
        }
        elseif (!(filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL))) {
            $error = "Invalid email address";
        }
        elseif ($_POST['password'] == "") {
            $error = "Type in your password";
        }
        elseif (strlen($_POST['password']) < 8) {
            $error = "Minimum password length is 8";
        }
        elseif {
            $query = "SELECT id, email ";
            $query .= "FROM customers ";
            $query .= "WHERE email = '{$email}' ";
            $query .= "AND hashed_password = '{$hashed_password}' ";
            $query .= "LIMIT 1";
            $result_set = mysql_query($query);
            redirect_to("account.php");
        }
        else {
            echo "error";
        }

    }       
?>
    <!-- signup box -->
    <div id="box_sign">
        <div class="container">
            <div class="span12 box_wrapper">
                <div class="span12 box">
                    <div>
                        <div class="head">
                            <h4>Sign In</h4><br />
                             <div class="text-error">
                              <?php echo $error; ?><br />
                              <p class="text-success"><strong><?php echo $success; ?></strong></p>
                            </div>
                        </div>
                        <div class="form">
                            <form action="sign-in.php" method="POST">

                              <input type="text" id="Email" name="Email" placeholder="Email"/>

                              <input type="password" id="password" name="password" placeholder="Password"/>
                                    <div class="right">
                                        <a href="reset.html">Forgot password?</a>
                                    </div>
                              <input type="submit" name="submit" class="btn" value="Sign In"/>
                            </form>
                        </div>
                    </div>
                </div>
                <p class="already">Don't have an account? 
                    <a href="signin.html">Sign up</a></p>
            </div>
        </div>
    </div>

Answer 1

redirect_to()不是一个预定义的PHP函数，它是一个自定义函数，可能你从其他地方选择了这个代码而你忘了拿起函数代码..应该可能就是这个

function redirect_to($link) {
   header('Location: '.$link);
   exit;
}

此外elseif {无效，没有条件

也无效

Answer 2

更改：

elseif {
    $query = "SELECT id, email ";
    $query .= "FROM customers ";
    $query .= "WHERE email = '{$email}' ";
    $query .= "AND hashed_password = '{$hashed_password}' ";
    $query .= "LIMIT 1";
    $result_set = mysql_query($query);
    redirect_to("account.php");
}

致：

else {
    $query = "SELECT id, email ";
    $query .= "FROM customers ";
    $query .= "WHERE email = '{$email}' ";
    $query .= "AND hashed_password = '{$hashed_password}' ";
    $query .= "LIMIT 1";
    $result_set = mysql_query($query);
    if (mysql_num_rows()>0){
        Header("Location:account.php");
    }
    else {
        echo 'Password or email is wrong';
    }
}

用mysql登录页面选择where语句

2 个答案: