<?php
if(array_key_exists("logIn",$_POST))
{
$link = mysqli_connect("dbaddress", "dbname", "dbpassword", "dbuser");
if(!$_POST['regno'])
{
$error .= "Please enter your registration number";
}
if(!$_POST['password'])
{
$error .= "Password is required!";
}
if($error!="")
{
echo "<p>There were errors in your forms!</p>".$error;
}
else
{
$query = "SELECT * FROM `users` WHERE RegistrationNo = '".mysqli_real_escape_string($link, $_POST['regno'])."'";
$result = mysqli_query($link, $query);
$row = mysqli_fetch_array($result);
if (isset($row)) {
$hashedPassword = md5(md5($row['id']).$_POST['password']);
if ($hashedPassword == $row['password']) {
$_SESSION['id'] = $row['id'];
header("Location: after_login.php");
}
else {
$error = "That email/password combination could not be found.";
}
}
else {
$error = "That email/password combination could not be found.";
}
}}
?>
<form method="post">
<center><input type="text" placeholder="Enter Username" name="regno" id="log_username" class="sidelog"/>
<input type="password" placeholder="Enter Password" name="password" id="real_pass" class="sidelog"/>
</br><button id="button_log" type="submit" name="logIn" > GO </button> </center>
</form>
無論何時填寫表格並提交,頁面都會重新加載。標題不起作用。我似乎無法弄清楚爲什麼。如果我把表格留空,錯誤字符串顯示正常。我使用md5加密密碼。我將數據庫中id的md5與密碼連接起來,md5將結果字符串加密。PHP登錄表格不能與mysql一起使用
沒有'在session_start()'開頭讓您從'after_login.php'重定向?而且你不應該使用md5來哈希密碼,請參閱http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords – jeroen
@jeroen實際代碼中就是這樣。沒有包括在問題中。我的壞 –
順便說一下,當登錄失敗時,你沒有對你的'$ error'變量做任何事情。添加錯誤處理並顯示php的錯誤。 – jeroen