1. 首頁
  2. 問答
  3. 在html中使用php

在html中使用php

2013-06-28 21 views
-6

我有登錄表單和與之對應的數據庫。我想使用其他塊來登錄後在這裏標題顯示無效的用戶名/密碼。如何使用我的PHP代碼else塊的HTML表單你在沒有檢查一個SQL語句中使用POST變量somwhere在html中使用php

<?php 

require "connect.inc.php"; 
if(isset($_POST['username'])&&isset($_POST['password'])) 
{ 
    $username=$_POST['username']; 
    $password=$_POST['password']; 
    if(!empty($username)&&!empty($password)) 
    { 
     $query="SELECT id FROM sch_user WHERE username='$username' AND password='$password'"; 
     if($query_run = mysql_query($query)) 
     { 
      $num_rows=mysql_num_rows($query_run); 
      if($num_rows===1) 
      { 
       header("Location:index.html"); 
      } 

?> 


<head> 
    <title>Brilliant Educational Society</title> 
    <link rel="stylesheet" href="homepage.css"> 
    <link rel="stylesheet" href="branch_login.css"> 
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script> 
</head> 
<body> 

    <table id="container" border=0"> 
     <tr><td> 
      <table id="title_container" border=0 width=100%> 
      <tr> 
       <td style="width:90px;"><div id="logo"><img src="logo.jpg" style="height:70px;width:70px;margin-left: 10px;"></div></td> 
       <td><div id="title" style="color:maroon"><b><i>Brilliant Educational Society</b></div></td></i> 
       <td style="width:200px"><div id="contact">Contact 9030059263</div><br /><br /> 
       </div> 
       </td> 
      </tr> 
      </table> 
     <tr><td> 
      <table id="menu_container"> 
      <tr><td><ul id="menu"> 
        <li id="home"><a href="index.html">Home</a></li> 
        <li id="academics"><a href="#">Academics</a></li> 
        <li id="staff"><a href="#">Staff</a></li> 
        <li id="about_us"><a href="#">About us</a></li> 
       </ul> 
      </td></tr> 
      </table> 
     </td></tr> 
     <tr><td>&nbsp;</td></tr> 
     <tr><td>&nbsp;</td></tr> 
     <tr><td> 
      <table id="login_form" border=0> 
       <tr><td><label id="login_title">Login here</label><br /> 
<?php 
       else 
       { 
        echo 'Invalid Username/Password'; 
       } 

      }     
    } 
    else 
    { 
     echo 'Please provide both Username and Password'; 
    } 
}     
?>      
       </td></tr> 
       <tr><td><form action="branch_login.php" method="post"><br /> 
        <label id="user">Username</label><input style="margin-left:20px" type="text" name="username" size="20"/><br /><br /> 
        <label id="pass">Password</label><input style="margin-left:20px" type="password" name="password" size="20"/><br /><br /> 
        <input style="margin-left:215px;background:orange;width:80px;height:30px;font-family: Times New Roman;font-size:20px" type="submit" value="Login >>"/> 
       </form></td></tr> 
      </table> 
     </td></tr> 
    </table> 
</body>

來源

2013-06-28 user2147921

+4

?你是否以純文本存儲密碼?肯定會發生壞事。使用'PDO'語句和一些哈希函數('MD5,SHA,...') – fcalderan

+3

如果我在登錄表格中輸入了'或OR 1 = 1 - ',怎麼辦?-想想要執行的結果查詢 –

+0

我建議你在做任何實際的編碼之前閱讀一本或多本php書籍/電子書 –

回答

0 
<?php 

require "connect.inc.php"; 
if(isset($_POST['username'])&&isset($_POST['password'])) 
{ 
    $username=$_POST['username']; 
    $password=$_POST['password']; 
    if(!empty($username)&&!empty($password)) 
    { 
     $query="SELECT id FROM sch_user WHERE username='$username' AND password='$password'"; 
     if($query_run = mysql_query($query)) 
     { 
      $num_rows=mysql_num_rows($query_run); 
      if($num_rows===1) 
      { 
       header("Location:index.html"); 
      } 

?> 


<head> 
    <title>Brilliant Educational Society</title> 
    <link rel="stylesheet" href="homepage.css"> 
    <link rel="stylesheet" href="branch_login.css"> 
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script> 
</head> 
<body> 

    <table id="container" border=0"> 
     <tr><td> 
      <table id="title_container" border=0 width=100%> 
      <tr> 
       <td style="width:90px;"><div id="logo"><img src="logo.jpg" style="height:70px;width:70px;margin-left: 10px;"></div></td> 
       <td><div id="title" style="color:maroon"><b><i>Brilliant Educational Society</b></div></td></i> 
       <td style="width:200px"><div id="contact">Contact 9030059263</div><br /><br /> 
       </div> 
       </td> 
      </tr> 
      </table> 
     <tr><td> 
      <table id="menu_container"> 
      <tr><td><ul id="menu"> 
        <li id="home"><a href="index.html">Home</a></li> 
        <li id="academics"><a href="#">Academics</a></li> 
        <li id="staff"><a href="#">Staff</a></li> 
        <li id="about_us"><a href="#">About us</a></li> 
       </ul> 
      </td></tr> 
      </table> 
     </td></tr> 
     <tr><td>&nbsp;</td></tr> 
     <tr><td>&nbsp;</td></tr> 
     <tr><td> 
      <table id="login_form" border=0> 
       <tr><td><label id="login_title">Login here</label><br /><td> 
<?php 
       else 
       { 
        echo 'Invalid Username/Password'; 
       } 

      }     
    } 
    else 
    { 
     echo 'Please provide both Username and Password'; 
    } 
}     
?>      
       </td></tr> 
       <tr><td><form action="branch_login.php" method="post"><br /> 
        <label id="user">Username</label><input style="margin-left:20px" type="text" name="username" size="20"/><br /><br /> 
        <label id="pass">Password</label><input style="margin-left:20px" type="password" name="password" size="20"/><br /><br /> 
        <input style="margin-left:215px;background:orange;width:80px;height:30px;font-family: Times New Roman;font-size:20px" type="submit" value="Login >>"/> 
       </form></td></tr> 
      </table> 
     </td></tr> 
    </table> 
</body>

來源

2013-06-28 11:57:04 Matheno

+0

?這與OP代碼完全相同。 –

相關問題

 相關問題