我有以下代碼:爲什麼錯誤,當用戶登錄時不顯示不正確
session_start();
include 'core/init.php';
$username = '';
$password = '';
$dbusername = '';
$dbpassword = '';
if (isset($_POST['Email']) && isset($_POST['Password']))
{
$username = $_POST['Email'];
$password = md5($_POST['Password']);
$query = mysql_query("SELECT * FROM member WHERE Email ='$username' AND Password='$password'");
$numrow = mysql_num_rows ($query);
// user login
if ($numrow!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['Email'];
$dbpassword = $row['Password'];
}
//Check to see if they match
if ($username==$dbusername&&$password==$dbpassword)
{
$_SESSION ['Email']=$username;
header('Location: member.php?username='.$username);
}
}
else
{
// admin login
$query2 = mysql_query("SELECT * FROM admin WHERE Email ='$username' AND Password ='$password'");
$numrow2 = mysql_num_rows ($query2);
if ($numrow2!=0)
{
while ($row = mysql_fetch_assoc($query2))
{
$dbusername = $row['Email'];
$dbpassword = $row['Password'];
}
//Check to see if they match
if ($username==$dbusername&&$password==$dbpassword)
{
$_SESSION ['Email']=$username;
header("Location: admin.php");
}else{
if (empty ($username) === true|| empty($password) === true) {
echo "Please enter a username and password";
} else if ($username!=$dbusername){
echo "That user does not exist! Have you registered?";
} else if ($username=$dbusername&&$password!=$dbpassword) {
echo "Incorrect password";
}
}
}
}
}
但是,如果不正確用戶登錄,沒有任何錯誤信息都顯示,只是一個空白頁面,我認爲它我的花括號,但無論我改變他們多少次,我要麼讓事情變得更糟,要麼什麼也不做。任何人都可以告訴我我做錯了什麼?
您是否嘗試過讓使用error_reporting?如何使用IDE和正確的縮進? – mario
相關閱讀:[PHP SQL注入(http://stackoverflow.com/questions/60174/how-to-prevent-sql-injection-in-php) – jbabey
謝謝@jonhopkins用於清潔陷入困境。 – Pitchinnate