我正在使用php和mysqli创建一个登录页面,但是,当我输入错误的用户名和密码时,它无法显示错误消息。
<?php
session_start();
$error="";
//connect database
include("../task2/db_setting.php");
if($_SERVER["REQUEST_METHOD"]=="POST"){
//email and password from form
$email = mysqli_real_escape_string($conn,$_POST['email']);
$password= md5(mysqli_real_escape_string($conn,$_POST['password']));
//Retrive data from database
$sql = "SELECT * FROM user WHERE email='$email' and password = '$password'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$_SESSION["login_user"]=$row[email];
$_SESSION["id"]=$row[id];
}
}
else {
$error="Your Login name or password is invalid";
}
if(isset($_SESSION["login_user"]))
header("location:account.php");
}?>
如果我输入了错误的用户名,它只能登录,但是$ error没有出现,我试图将其更改为echo但是出现,它会在我登录或输入之前始终回显错误信息anythings。我认为这意味着代码总是运行else语句。
有人知道我的代码有什么问题吗?
答案 0 :(得分:0)
<?php
if(isset($error))
{
echo '<div style="color:#FF0000;text-align:center;font-size:12px;">'.$error.'</div>';
}
?>
答案 1 :(得分:-1)
如果(isset($ _ POST [&#39;提交&#39;]))
{
$ email = mysql_real_escape_string($ _ POST [&#39; email&#39;]);
$ upass = mysql_real_escape_string($ _ POST [&#39; pass&#39;]);
$ res = mysql_query(&#34; SELECT * FROM users WHERE email =&#39; $ email&#39;&#34;);
$行= mysql_fetch_array($ RES);
如果($行[&#39;密码&#39;] == MD5($ upass))
{
$_SESSION['user'] = $row['id'];
header("Location: account.php");
}
否则
{
&GT;
<script>alert('You Entered Wrong Details');</script>
<?php
}