-4
這裏是我的代碼:我放入我的登錄表單代碼的詳細信息將返回爲不正確的,即使它們是,爲什麼?
<?php
session_start();
include_once('../includes/connection.php');
if (isset($_SESSION['logged_in'])){
\t
}else{
\t
\t if (isset($_POST['username'], $_POST['password'])) {
\t \t $username= $_POST['username'];
\t \t $password= md5($_POST['password']);
\t \t
\t \t
\t \t if(empty($username) or empty($password)) {
\t \t \t
\t \t \t $error = 'All fields are required!';
\t \t \t
\t \t \t
\t \t }else{
\t \t \t $query = $pdo->prepare("SELECT * FROM users WHERE user_name = ? user_password = ?");
\t \t \t
\t \t \t $query->bindValue(1, $username);
\t \t \t $query->bindValue(2, $password);
\t \t \t
\t \t \t $query->execute();
\t \t \t
\t \t \t
\t \t \t $num = $query->rowCount();
\t \t \t
\t \t \t if ($num==1){
\t \t \t \t
\t \t \t \t
\t \t \t \t $_SESSION['logged_in'] = true;
\t \t \t \t header('Location: index.php');
\t \t \t \t exit();
\t \t \t \t
\t \t \t \t
\t \t \t \t
\t \t \t }else{
\t \t \t \t
\t \t \t $error='Incorrect details!';
\t \t \t
\t \t \t }
\t \t \t
\t \t }
\t \t
\t \t
\t \t
\t }
\t
\t
\t
?>
<html>
\t <head>
\t \t <title>CMS Tutorial</title>
\t \t <link rel="stylesheet" href="../assets/style.css" />
\t </head>
\t <body>
\t \t <div class="container">
<a href="index.php" id="logo">CMS</a>
\t \t
<?php if(isset($error)) { ?>
<small style="color:#aa0000;"><?php echo $error; ?></small>
<?php } ?> \t
\t \t
\t \t <form action="index.php" method="post" autocomplete="off">
<input type="text" name="username" placeholder="Username" />
<input type="password" name="password" placeholder="Password" />
<input type="submit" value="Login" /> \t \t \t \t
\t \t </form>
\t \t </div>
\t </body>
</html>
<?php
\t
\t
\t
}
?>我不知道在我的錯誤是,試圖找到一個錯誤,但我找不到它,我進入了代碼的最新代碼是「} else {$ query = $ pdo-> etc ..」但我認爲那裏沒有任何錯誤......如果有人能幫助我,我會非常感激!還有你們不必給我發送整個代碼回答一個簡單的答案或提示將有所幫助。 :d!
您的查詢需求和之前USER_PASSWORD =? 。也請不要使用md5作爲密碼。使用php內置的password_hash和password_verify – Akintunde007
哇,這是快速的謝謝你!這樣一個愚蠢的錯誤:D –
你不會忍受這個,是嗎? –