使用准备好的语句在php登录表单中出错

时间:2019-04-21 09:11:32

标签: php

我是编程新手,这里我正在创建简单的注册和登录表单,我的注册表单可以正确地在数据库中正确记录用户提供的输入,但是当我在登录表单中使用相同的用户名和密码时,它不会“行不通,它无法登录用户,我正在使用准备好的语句,请您提供帮助,如果我犯了一些明显的错误,请原谅我。我查阅了一些教程,但无法弄清楚。...

谢谢。...

这是我的HTML代码

<!DOCTYPE html>
<html>
<head>
    <title>Login page</title>
</head>
<body>
    <form method="POST" action="register.php">
        <div class="container">
            <label>Username :</label>
            <input type="text" name="username" placeholder="Username"><br><br>
            <label>Password :</label>
            <input type="Password" name="password" placeholder="Password"><br><br>
            <button type="sumbit" value="sumbit" name="sumbit">Register</button>
        </div>
    </form>
    <br><br>
    <form method="POST" action="login.php">
        <div class="container">
            <label>Username :</label>
            <input type="text" name="username" placeholder="Username"><br><br>
            <label>Password :</label>
            <input type="Password" name="password" placeholder="Password"><br><br>
            <button type="sumbit" value="sumbit" name="login">Login</button>
        </div>
    </form>
</body>

这是我的登录代码:

<?php
include "register.php";

session_start();


$username = $_POST['username'];
$password = $_POST['password'];



$sql = "SELECT * FROM users where username ='$username' && password='$password'";

$stmt = $conn->prepare($sql);

$stmt->bindParam(':username',$username);
$stmt->bindParam(':password',$password);
$stmt->execute();
$stmt->bind_result($username,$password);
$stmt->store_result();
$row = $stmt->fetch(PDO::FETCH_ASSOC);

if($stmt->row ==1){

    $_SESSION['login'] = $username;
    header("location: home.php");

}else{
    echo "Username and password is incorrect";

}

?>

2 个答案:

答案 0 :(得分:1)

您正在绑定参数,但这些参数不在查询字符串中。

更改

import json

with open('/var/task/constants/aws.json') as json_file:  
    data = json.load(json_file)


SELECT * FROM users where username ='$username' && password='$password'

答案 1 :(得分:0)

您在sql查询和mysqli的混合方法中弄错了

    <?php
include "register.php";
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM users where username =':username' && password=':password'";
$stmt = $conn->prepare($sql); $stmt->bindParam(':username',$username); $stmt->bindParam(':password',$password); $stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row){
    $_SESSION['login'] = $username;
    header("location: home.php");
}else{
    echo "Username and password is incorrect";
} ?>

就是这样。

相关问题
最新问题