登录系统无法正常工作

时间:2016-07-20 22:31:55

标签: php login error-handling

我在数据库中输入正确的密码和用户名,但它说它无效。然后我试图错误地输入用户名和密码,并且意味着回应相同的错误。

下面是我的代码:

    <?php
$servername = "localhost";
$dbname = "dbtechnerdzzz";
$user = "root";
$password = "root";
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
  if (empty($_POST['form-username']) || empty($_POST['form-password'])) {
    $error = "Username or Password is invalid";
  }
  else
  {
    $connection=mysqli_connect($servername, $user, $password, $dbname);
    // Check connection
    if (mysqli_connect_errno()){
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    // To protect MySQL injection for Security purpose
    $username = mysqli_real_escape_string($connection,$_POST['form-username']);
    $password = mysqli_real_escape_string($connection,$_POST['form-password']);

    // SQL query to fetch information of registerd users and finds user match.
    $query = mysqli_query($connection,"select * from accounts where Password='$password' AND Username='$username'");
    if(!$query) die(mysqli_error($connection));
    $rows = mysqli_num_rows($query);
    echo mysqli_error ( $connection );
if ($rows == 0) {
  // zero row found

  $error = "Username or Password is invalid";
  //header("location: signin.php"); // Redirecting To login Page
  echo "Username or Password is invalid";

} else {
  // at least one row has been found

  $_SESSION['login_user'] = $username; // Initializing Session
  header("location: profile.php"); // Redirecting To profile Page
  echo "login successful"; // this line will never be executed because user is redirected with header (line above)

}

mysqli_close($connection); // Closing Connection
?>

更新1(2016年7月21日00:27 BST):

我在浏览器中遇到此错误:

  

localhost页面无效,localhost目前无法使用   处理这个请求。 HTTP ERROR 500

然后我查看了我的日志并说:

  

PHP Parse错误:语法错误,第44行意外的文件结尾

第44行是:

?>

所以这是文件的结尾。

2 个答案:

答案 0 :(得分:0)

如果我是你,我会这样做if语句:

if ($rows == 0) {
  // zero row found

  $error = "Username or Password is invalid";
  //header("location: signin.php"); // Redirecting To login Page
  echo "Username or Password is invalid";

} else {
  // at least one row has been found

  $_SESSION['login_user'] = $username; // Initializing Session
  header("location: profile.php"); // Redirecting To profile Page
  echo "login successful"; // this line will never be executed because user is redirected with header (line above)

}

mysqli_close($connection); // Closing Connection

如果您碰巧有两行具有相同的用户,则if语句仍然有效并且回显&#34;登录成功&#34;

答案 1 :(得分:0)

您的查询可能存在问题。在查询执行和行数

之间插入一个检查 
$query = mysqli_query(...);
if(!$query) die(mysqli_error($connection));
$rows = mysqli_num_rows($query);

这将在屏幕上显示任何错误。它只用于测试;最终用户不应该看到服务器错误的详细信息。

相关问题
最新问题