使用会话的PHP和SQL登录表单

时间:2014-12-07 19:49:32

标签: php mysql forms login

我正在尝试为我的网站创建一个简单的登录表单。我有一个非常基本的HTML表单,指向一个PHP文件。我不需要安全或任何东西..我正在寻找一些非常基本的东西。我真的不确定我在哪里错了。当我尝试使用mysql中已有的信息登录时,它仍然会将我带回登录页面,而不是将我带到我的帐户页面。

HTML 

        <div class="container">
        <div class="row">
          <div class="col-md-8 col-md-offset-2">
            <div class="well well-sm">
              <form class="form-horizontal" action="actLogin.php" method="post">
              <fieldset>
                <legend class="text-center">Sign In</legend>


                <!-- Message body -->
                <div class="form-group">
                  <label class="col-md-4 control-label" for="Username">Username</label>
                  <div class="col-md-8">
                    <input id="username" name="username" type="text" placeholder="Your email" class="form-control">
                  </div>
                </div>

                <div class="form-group">
                  <label class="col-md-4 control-label" for="Password">Password</label>
                  <div class="col-md-8">
                    <input id="password" name="password" type="text" placeholder="Your email" class="form-control">
                  </div>
                </div>

                <!-- Form actions -->
                <div class="form-group">
                  <div class="col-md-12 text-right">
                    <button onClick="return validateForm()" type="submit" class="btn btn-primary btn-lg">Submit</button>
                 ` </div>
                </div>
              </fieldset>
              </form>
            </div>
          </div>
        </div>
    </div>

PHP          

session_start();

//Get username and password from the form.
$username = filter_input(INPUT_POST,"username");
$password = filter_input(INPUT_POST,"password");

//Call the database and check to make sure the password matches
$conn = mysql_connect("localhost","root","MIS42520!$") or die(mysql_error());
mysql_select_db("cookie",$conn);

$username = mysql_real_escape_string($username);
$sql = "select id, username, password from universal where username = '$username'";
$result = mysql_query($sql, $conn) or die(mysql_error());

if(mysql_num_rows($result) == 0) {
    header('Location: login.php');

}

$userData = mysql_fetch_array($result, MYSQL_ASSOC);

if ($password != $userData['password']) {
    header('Location: login.php');
}
else {
    session_regenerate_id();
    $_SESSION['id']=$userData['id'];
    $_SESSION['username']=$userData['username'];
    $_SESSION['password']=$userData['password'];
    session_write_close();
    header('Location: account.php');
}

?>

1 个答案:

答案 0 :(得分:0)

尝试:

$sql = "select id, username, password from universal where username = '".$username."'";

在重定向中添加一个变量,以了解系统重定向到登录页面的位置,如:

header('Location: login.php?var=1');

并且

header('Location: login.php?var=2');

在第二个。

相关问题
最新问题