这是我的代码
<form action="login.php" method="post">
<table>
<tr>
<td>User Name:</td>
<td>
<input autofocus name="username" type="text" style="font-size:30px;" />
</td>
</tr>
<tr>
<td>Password</td>
<td>
<input name="password" type="password" style="font-size:30px;" />
</td>
</tr>
</table>
<p class="center span5">
<button type="submit" style="font-size:30px;" name="login">Login</button>
</p>
</form>
PHP 代码
$username = $_POST["username"];
$password = $_POST["password"];
$resultt = mysql_query("SELECT * FROM Table_name WHERE admin_username ='$username' AND admin_password ='$password'");
$result = mysql_num_rows($resultt);
if ($result != 0) {
while ($row = mysql_fetch_assoc($resultt)) {
$type = $row['admin_type'];
$user_info = $row['user_info'];
$_SESSION['username'] = $username;
$_SESSION['user_info'] = $user_info;
}
}
答案 0 :(得分:1)
更改为
<input type="submit" style="font-size:30px;" name="login" value="Login" />
而不是
<button type="submit" style="font-size:30px;" name="login">Login</button>
答案 1 :(得分:0)
答案 2 :(得分:0)
正如其他人所说,使用输入类型。
您的PHP容易受到MySQL注入攻击,因为您将用户提供的数据直接放入查询中而无需转义/清理/验证。我建议读一读:
http://php.net/manual/en/security.database.sql-injection.php