我想制作一个登录表单,其中包含用户和管理员之间的区别。因此,用户转到第/ 123页,管理员转到第/ 456页。我尝试了很多,但它不起作用。这是我的:
register.php
<html>
<?php
//$submitbutton = $_GET['submit'];
if($_SERVER['REQUEST_METHOD'] == "POST")
{
ob_start();
$host="localhost";
$DB_username="....";
$DB_password="...";
$db_name="m6-biol";
$tbl_name="leden";
$connection = mysql_connect("$host", "$DB_username", "$DB_password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) // Validate email address
{
$message = "Wrong e-mail ";
}
$query = "SELECT email FROM leden WHERE email ='".$email."'";
$result = mysql_query($query) or die (mysql_error());
$numResults = mysql_num_rows($result);
if($numResults>=1)
{
$message = $email." Email already exist";
}
else
{
mysql_query("insert into leden(username,email,password) values('".$username."','".$email."','".md5($password)."')") or die (mysql_error());;
$message = "You are a member";
}
echo $message;
// }
}
?>
<form action="" method="post">
<p><input id="username" name="username" type="text" placeholder="Name"></p>
<p><input id="email" name="email" type="text" placeholder="Email"></p>
<p><input id="password" name="password" type="password" placeholder="Password">
<input name="action" type="hidden" value="signup" /></p>
<p><input type="submit" value="Signup" name="submit" /></p>
</form>
</html>
controle.php(在荷兰语config.php中表示)
<?php
ob_start();
$host="localhost";
$DB_username="******";
$DB_password="******";
$db_name="m6-biol";
$tbl_name="leden";
$connection = mysql_connect("$host", "$DB_username", "$DB_password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$myusername=$_POST['username'];
$mypassword=md5($_POST['password']);
//$myusername = stripslashes($myusername);
//$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=($result ? mysql_num_rows($result) : 0);
if($count==1){
session_register("myusername");
session_register("mypassword");
header("location:gelukt.php");
}
else {
echo "Wrong username or password\n";
}
ob_end_flush();
?>
答案 0 :(得分:0)
您需要开始使用会话:
session_start()
并改变:
session_register("myusername");
session_register("mypassword");
使用它 $ array = mysql_fetch_array($ result);
$_SESSION['myusername'] = $array['username'];
$_SESSION['myusername'] = $array['password'];
我帮助了
答案 1 :(得分:-1)
制作PHP代码的一些事情&#34;更好&#34;。
你正确使用了真正的转义字符串,但是像我说的那样改变它mysqli_或PDO ..只初始化一次就足够了:
$ myusername = mysqli_real_escape_string($ _ POST [&#39; username&#39;]);