我遇到了一個問題,所以當用戶嘗試登錄並失敗(輸入錯誤的用戶名&密碼)數據需要保存在數據庫中,但它不會工作。 如果我把INSERT INTO插入if ($pw == $row['passwd']
它會工作,但我想寫在其他例如像。失敗的登錄嘗試登錄到數據庫
<?php
session_start();
require('connect.php');
$mail = $_POST['mail'];
$pw = $_POST['password'];
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$lastip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$lastip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$lastip = $_SERVER['REMOTE_ADDR'];
}
$time = date('Y-m-d H:i:s');
$query = "SELECT * FROM `users` WHERE `login_email`='$mail' AND `passwd`='$pw'";
$result = mysql_query($query);
if(!$result){$_SESSION['error'] = 1;Header("Location: login.php");}
while ($row = mysql_fetch_assoc($result)) {
if ($pw == $row['passwd'])
{
$_SESSION['logiran'] = 1;
$_SESSION['mail'] = $mail;
$_SESSION['error'] = 0;
$_SESSION['sucess'] = 1;
$_SESSION['msg'] = 0;
$_SESSION['subuser'] = 0;
$_SESSION['subcid'] = $row['id'];
$query = "UPDATE `users` SET `login` = '$time' WHERE `login_email`='$mail' AND `passwd`='$pw'";
mysql_query($query);
$query = "UPDATE `users` SET `last_ip` = '$lastip' WHERE `login_email`='$mail' AND `passwd`='$pw'";
mysql_query($query);
Header("Location: index.php");
}
else
{
$query = "INSERT INTO `alerts`(`ipaddress`, `user`, `added`) VALUES ('$lastip', '$mail', '$time')";
mysql_query($query);
$_SESSION['error'] = 1;
$_SESSION['logiran'] = 0;
$_SESSION['subcid'] = 0;
$_SESSION['subuser'] = 0;
Header("Location: login.php");
}
}
?>
'if($ result){$ _ SESSION ['error'] = 1; Header(「Location:login.php」);}'我不認爲這有什麼意義 – 2015-04-02 09:24:02