登錄腳本無法正常工作，顯示回顯消息

Question

我有用PHP編寫的登錄腳本。如果用戶名或密碼不正確，它會響應「用戶名或密碼無效」，這是目前所發生的事情（即使用戶名和密碼是正確的）

這裏是我的PHP代碼：

<form method="POST"> 
<input type="text" name="username"> 
<input type="password" name="password"> 
<input type="submit" name="submit"> 
</form> 

<?php 

$con = mysqli_connect("localhost","dbuser","dbpass","dbname"); 

if(isset($_POST['submit'])) { 

$username = $_POST['username']; 
$password = $_POST['password']; 

$username = mysqli_real_escape_string($con, $username); 
$password = mysqli_real_escape_string($con, $password); 

$logincheck = mysqli_connect($con, "SELECT * FROM `users` WHERE username='$username' and password='$password'"); 
$result = mysqli_query($con, $logincheck); 
$row = mysqli_fetch_array($result, MYSQLI_ASSOC); 
$count = mysqli_num_rows($result); 
if($count == 1){ 
$_SESSION['login_user'] = $username; 
header('Location: index.php'); 
}else{ 
echo "Username or password is invalid."; 
} 
} 
?> 

Answer 1

在獲取數據，並且可以使用的一些錯誤忘記使用MD5如果密碼進行加密，從而確保第一

if(isset($_POST['submit'])) 
{ 
    $con = mysqli_connect("localhost","root","","test"); 

    $username = $_POST['username']; 
    $password = md5($_POST['password']); 

    $username = mysqli_real_escape_string($con, $username); 
    $password = mysqli_real_escape_string($con, $password); 

    $sql="SELECT * FROM users WHERE username='$username' and password='$password'"; 
    $result=mysqli_query($con,$sql); 
    $row=mysqli_fetch_array($result,MYSQLI_ASSOC); 

    if(mysqli_num_rows($result) == 1) 
    { 
     $_SESSION['login_user'] = $username; 
     header('Location: index.php'); 
    } 
    else 
    { 
     echo "Username or password is invalid."; 
    } 
}