获取此错误,您的SQL语法出错;检查与MySQL服务器版本对应的手册,以便在第1行的''附近使用正确的语法
从这里得到上述错误,我是PHP的新手,所以我不知道问题是什么,有什么帮助吗?
<?php
session_start();
//ob_start();
//make connection
$con = mysql_connect ("***" , "***", "***")
or die ("Query died: connect");
mysql_select_db("*****",$con);
// Grab User submitted information
$user = $_POST["myuser"];
$pass = $_POST["mypwd"];
strong text$result = mysql_query("SELECT FirstName, Password FROM memberst WHERE FirstName = $user");
if (!$result) { // add this check.
die('Invalid query: ' . mysql_error());
}
$row = mysql_fetch_array($result);
if($row["Firstname"]==$user && $row["Password"]==$pass) {
echo $row["Firstname"];
//header("location:LoginSuccess.php");
}
else {
echo"Sorry, your credentials are not valid, Please try again.";
}`enter code here`
?>
答案 0 :(得分:1)
试试这个
<?php
define('DB_host', 'localhost');
define('DB_username', 'root');
define('DB_password','');
if( !(isset( $_POST['login'] ) ) ) { ?>
<div align="center">
<fieldset style="width:10%;">
<form name="login" action="" method="POST">
<div align="left">
<label for "username">Username: </label>
<input type="text" name="username"/>
<br />
<label for "password">Password: </label>
<input type="password" name="password"/><br />
</div>
<div align="center">
<input type="submit" name="login" value="Login" />
<input type="reset" value="Reset" />
</div>
</form>
</fieldset>
</div>
</div>
<?php
} else {
$con = new PDO("mysql:host=". DB_host .";dbname=YOUR DATABASE NAME", DB_username , DB_password);
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "SELECT * FROM users WHERE username = :username AND password = :password LIMIT 1";
$stmt = $con->prepare( $sql );
$stmt->bindValue( "username", $_POST['username'], PDO::PARAM_STR );
$stmt->bindValue( "password", $_POST['password'] , PDO::PARAM_STR );
$stmt->execute();
if( $stmt->rowCount() > 0 ) {
header('location: home.php');
} else {
echo '<script> window.alert("Incorrect Input")
window.location.href="login.php";</script>';
}
}
?>