带有admin和用户的PHP登录系统

时间:2014-11-19 19:05:14

标签: php mysql login

我想制作一个登录表单,其中包含用户和管理员之间的区别。因此,用户转到第/ 123页,管理员转到第/ 456页。我尝试了很多,但它不起作用。这是我的:

register.php 

<html>

<?php

//$submitbutton = $_GET['submit'];

if($_SERVER['REQUEST_METHOD'] == "POST")
{

ob_start();
$host="localhost";
$DB_username="....";
$DB_password="...";
$db_name="m6-biol";
$tbl_name="leden";

$connection = mysql_connect("$host", "$DB_username", "$DB_password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


    $username   = $_POST['username'];
    $email  = $_POST['email'];
    $password   = $_POST['password'];

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) // Validate email address
    {
        $message =  "Wrong e-mail ";
    }

    $query = "SELECT email FROM leden WHERE email ='".$email."'";
    $result = mysql_query($query) or die (mysql_error());
    $numResults = mysql_num_rows($result);
    if($numResults>=1)
    {
        $message = $email." Email already exist";
    }
    else
    {
        mysql_query("insert into leden(username,email,password) values('".$username."','".$email."','".md5($password)."')") or die (mysql_error());;
        $message = "You are a member";
    }
    echo $message;
//  }
}
?>
<form action="" method="post">
    <p><input id="username" name="username" type="text" placeholder="Name"></p>
    <p><input id="email" name="email" type="text" placeholder="Email"></p>
    <p><input id="password" name="password" type="password" placeholder="Password">
        <input name="action" type="hidden" value="signup" /></p>
    <p><input type="submit" value="Signup" name="submit" /></p>
 </form>

 </html>

controle.php(在荷兰语config.php中表示) 

    <?php
ob_start();
$host="localhost";
$DB_username="******";
$DB_password="******";
$db_name="m6-biol";
$tbl_name="leden";

$connection = mysql_connect("$host", "$DB_username", "$DB_password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$myusername=$_POST['username']; 
$mypassword=md5($_POST['password']); 

//$myusername = stripslashes($myusername);
//$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

$count=($result ? mysql_num_rows($result) : 0);

if($count==1){
    session_register("myusername");
    session_register("mypassword"); 
    header("location:gelukt.php");
}
else {
echo "Wrong username or password\n";
}

ob_end_flush();

?>

2 个答案:

答案 0 :(得分:0)

您需要开始使用会话:

session_start()

并改变:

session_register("myusername");
session_register("mypassword");

使用它 $ array = mysql_fetch_array($ result); 

$_SESSION['myusername'] = $array['username'];
$_SESSION['myusername'] = $array['password'];

我帮助了

答案 1 :(得分:-1)

制作PHP代码的一些事情&#34;更好&#34;。

  1. 不要使用不再维护的mysql_functions。相反,请使用mysqli_*

    2. PDO

    1. 你正确使用了真正的转义字符串,但是像我说的那样改变它mysqli_或PDO ..只初始化一次就足够了:

      $ myusername = mysqli_real_escape_string($ _ POST [&#39; username&#39;]);

      1. 如果您想确定其用户或管理员是否需要制作IF语句和条件以识别用户名,如果他们将拥有某个页面的权限并在脚本顶部添加SESSION。 look at this tutorial
相关问题
最新问题