我正在尝试为我的网站创建一个简单的登录表单。我有一个非常基本的HTML表单,指向一个PHP文件。我不需要安全或任何东西..我正在寻找一些非常基本的东西。我真的不确定我在哪里错了。当我尝试使用mysql中已有的信息登录时,它仍然会将我带回登录页面,而不是将我带到我的帐户页面。
HTML
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="well well-sm">
<form class="form-horizontal" action="actLogin.php" method="post">
<fieldset>
<legend class="text-center">Sign In</legend>
<!-- Message body -->
<div class="form-group">
<label class="col-md-4 control-label" for="Username">Username</label>
<div class="col-md-8">
<input id="username" name="username" type="text" placeholder="Your email" class="form-control">
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label" for="Password">Password</label>
<div class="col-md-8">
<input id="password" name="password" type="text" placeholder="Your email" class="form-control">
</div>
</div>
<!-- Form actions -->
<div class="form-group">
<div class="col-md-12 text-right">
<button onClick="return validateForm()" type="submit" class="btn btn-primary btn-lg">Submit</button>
` </div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</div>
PHP
session_start();
//Get username and password from the form.
$username = filter_input(INPUT_POST,"username");
$password = filter_input(INPUT_POST,"password");
//Call the database and check to make sure the password matches
$conn = mysql_connect("localhost","root","MIS42520!$") or die(mysql_error());
mysql_select_db("cookie",$conn);
$username = mysql_real_escape_string($username);
$sql = "select id, username, password from universal where username = '$username'";
$result = mysql_query($sql, $conn) or die(mysql_error());
if(mysql_num_rows($result) == 0) {
header('Location: login.php');
}
$userData = mysql_fetch_array($result, MYSQL_ASSOC);
if ($password != $userData['password']) {
header('Location: login.php');
}
else {
session_regenerate_id();
$_SESSION['id']=$userData['id'];
$_SESSION['username']=$userData['username'];
$_SESSION['password']=$userData['password'];
session_write_close();
header('Location: account.php');
}
?>
答案 0 :(得分:0)
尝试:
$sql = "select id, username, password from universal where username = '".$username."'";
在重定向中添加一个变量,以了解系统重定向到登录页面的位置,如:
header('Location: login.php?var=1');
并且
header('Location: login.php?var=2');
在第二个。