1. 首頁
  2. 問答
  3. 我不能登錄系統

我不能登錄系統

2015-09-06 127 views
-1

這裏是我的login.php我不能登錄系統

<? 
    session_start(); 
    if (isset($_POST['Login'])) { 
    include_once("connect.php"); 
    $user_ok = false; 
    $usernamer=$_POST['Usernamer']; 
    $passaword=$_POST['passsword']; 
    $id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
    function evalLoggedUser($link,$id,$usernamer,$passaword){ 
     $sql = "SELECT ip FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
     $query = mysqli_query($link, $sql); 
     $numrows = mysqli_num_rows($query); 
     if($numrows > 0){ 
      return true; 
     } 
    } 
     $user_ok = evalLoggedUser($link,$usernamer,$passaword,$id); 
     if(isset($_POST['Login'])){ 
     if($user_ok == true){ 
     header("location: user.php?u=".$_POST["Usernamer"]); 
     }else{ 
     echo "username was not found"; 
     } 
     } 
    } 
    ?>

它給像

mysqli_num_rows誤差修改()預計參數1被mysqli_result,空給出

即使當我輸入正確的用戶名時,它也會回顯username was not found

來源

2015-09-06 qwaaz

+1

犯了一些錯誤。 '$ id' sql語句不會被使用並且最初引用'id' - 函數中實際的sql引用'ip'〜我猜它們應該是相同的 - 可能是id。你對'evalLoggedUser'函數的調用有錯誤的序列 – RamRaider

+0

有可能是一個錯字:它不應該重寫$ _post ['passaword']而不是passsword? –

+0

@一些 - 非描述用戶沒有輸入的名稱是密碼時應 – qwaaz

回答

0

I thi NK應該

if($numrows < 0){ 
    return true; 
    }

和您的查詢應該是:

$id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
//change $Usernamer to $usernamer

來源

2015-09-06 09:43:18 aldrin27

+0

爲什麼「$ numRows行<0」? –

+0

因爲如果你'$ numRows行<0'將返回false,不會去if語句 – aldrin27

+0

我還是不明白這裏面。如果數據庫查詢返回多於零的行,你希望函數返回true,對嗎? $ numrows <0的計算結果爲true,如果您有某種錯誤,不是?所以你只有在mysqli_num_rows()給出錯誤時才返回true。 –

0

呀!參數一必須是結果集。這意味着你必須通過$查詢不是你的SQL查詢

來源

2015-09-06 09:43:44 peter

+0

哪裏?你的意思是第14行? – qwaaz

0

原來的一些變化與適當的意見

<?php 
    session_start(); 
    if (isset($_POST['Login'])) { 

     include_once("connect.php"); 
     $user_ok = false; 

     $usernamer=$_POST['Usernamer']; 
     $passaword=$_POST['passsword']; 
     /* to debug */ 
     echo "POSTED username:".$usernamer." POSTED password: ".$passaword; 

     /* 
      this gets passed as a parameter to the function but never used... 
      $id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
     */ 
     function evalLoggedUser($conx, $u, $p){ 
      /* To use the variables above ($usernamer & $passaword) you would need to declare them as global within the function */ 
      /* I assumed, perhaps wrongly, that this ought to have been id rather than ip */ 

      $sql = "SELECT `id` FROM `websiteusers` WHERE `userName`='$u' AND `pass`='$p' LIMIT 1"; 

      /* to debug */ 
      exit("PARAM Username:".$u ."<br />PARAM Password:". $p ."<br />sql:" .$sql); 

      $query = mysqli_query($link, $sql); 
      $numrows = mysqli_num_rows($query); 

      /* previously the function only returned a value if there was a recordset */ 
      return ($numrows > 0) ? true : false; 
     } 


     /* 
      The sequence of parameters was incorrect 
     */ 
     $user_ok = evalLoggedUser($link, $usernamer, $passaword); 

     if(isset($_POST['Login'])){ 
      if($user_ok === true){ 
       header("location: user.php?u=".$usernamer); 
      }else{ 
       echo "username was not found"; 
      } 
     } 
    } 
?>

來源

2015-09-06 09:48:26 RamRaider

+0

所以它刪除了所有的錯誤,但仍然回聲的用戶名沒有被發現 – qwaaz

+0

對於一個試驗,嘗試添加'退出($ SQL)'後的SQL語句已經在'evalLoggedUser'函數創建(但不執行)。看看回顯到屏幕的SQL - 它看起來是否正確?你可以在你的mysql客戶端/ gui中運行該sql並獲取返回的數據嗎? – RamRaider

+0

沒有它示出了該SELECT'userId' FROM'websiteusers' WHERE'userName' = '' 和'pass' = '' LIMIT 1 – qwaaz

相關問題

 相關問題