<?php
session_start();
require_once('dbconfig/config.php');
//phpinfo();
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Page</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body style="background-color:#bdc3c7">
<div id="main-wrapper">
<center><h2>Login Form</h2></center>
<div class="imgcontainer">
<img src="imgs/avatar.png" alt="Avatar" class="avatar">
</div>
<form action="index.php" method="post">
<div class="inner_container">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="username" required>
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="password" required>
<button class="login_button" name="login" type="submit">Login</button>
<a href="register.php"><button type="button" class="register_btn">Register</button></a>
</div>
</form>
<?php
if(isset($_POST['login']))
{
@$username=$_POST['username'];
@$password=$_POST['password'];
@$date=$_POST[date('Y-m-d')];
$query = "select * from userinfotbl where username='$username' and password='$password' ";
$query1="insert into userinfotbl values('$date')";
//echo $query;
$query_run = mysqli_query($con,$query);
$query_run1 = mysqli_query($con,query1);
//echo mysql_num_rows($query_run);
if($query_run)
{
if(mysqli_num_rows($query_run)>0)
{
$row = mysqli_fetch_array($query_run,MYSQLI_ASSOC);
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: homepage1.php");
}
else
{
echo '<script type="text/javascript">alert("No such User exists. Invalid Credentials")</script>';
}
}
else
{
echo '<script type="text/javascript">alert("Database Error")</script>';
}
}
else
{
}
?>
</div>
</body>
</html>
我的數據庫中的日期字段正在填充與0000-00-00我需要插入該字段與系統日期時用戶點擊登錄按鈕。我無法檢測到問題。我有一個變量$日期,我分配的功能日期('YM - D')。我需要插入日期到數據庫當用戶點擊登錄按鈕通過php
這只是錯誤的:sql注入,純文本密碼,在會話中存儲密碼,用'@'壓制錯誤,在數據庫中插入沒有任何可識別信息的行,嘗試訪問不存在的POST變量。你應該重新開始。 – jeroen