我创建了一个登录名,用户必须输入用户名和密码。用户名和密码将被验证。如果用户名和密码在数据库中的记录中匹配,那么它应该继续,但是如果用户名和密码与数据库中的数据不匹配,它仍然会继续。 会有更好的代码吗?我正在使用PHP和MS SQL SERVER。
.list-group{
margin-top: 50px;
/*50px or the value of the height of navbar-header */
}
<?php
session_start();
$serverName = "MELODY-PC\SQLEXPRESS";
$connectionInfo = array( "Database"=>"customerdb", "UID"=>"dbadmin", "PWD"=>"melodyjerah" );
$conn = sqlsrv_connect( $serverName, $connectionInfo);
if( $conn === false ) {
die( print_r( sqlsrv_errors(), true));
}
$username = $_REQUEST['user'];
$password = $_REQUEST['pass'];
$tsql = "SELECT * FROM accounting_login WHERE username='$username' AND password='$password'";
$stmt = sqlsrv_query( $conn, $tsql, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
if($stmt == true){
$_SESSION['valid_user'] = true;
$_SESSION['username'] = $username;
header('Location: accounting_page.php');
die();
}else{
header('Location: error.html');
die();
}
?>