-1
我在這裏登錄我目前正在處理,只是有一個小問題,我的PHP我認爲。PHP登錄Unity和Mysql
我用來連接到數據庫的PHP:
<?php
$db_name = "mydata";
$mysql_username = "root";
$mysql_password = "";
$server_name = "localhost";
$conn = mysqli_connect($server_name, $mysql_username, $mysql_password, $db_name);
if($conn){
echo
"Connection Succesful";
}
else{
echo "Connection Not Succesful";
}
?>
我的實際登錄PHP:
<?php
require "conn.php";
$Email = $_POST["emailPost"];
$Password = $_POST["passwordPost"];
$sql = "SELECT Password FROM users WHERE Email = '".$Email."' ";
$result = mysqli_query($conn, $sql);
if(mysqli_num_rows($result)>0){
while($row = mysqli_fetch_assoc($result)){
if($row == $Password){
echo "login success";
}
else{
echo "Password incorrect";
}
}
}else{
echo "user not found";
}
?>
終於協程,我用我的C#
IEnumerator LoginAccount()
{
WWWForm Form = new WWWForm();
Form.AddField("emailPost", Email);
Form.AddField("passwordPost", Password);
WWW www = new WWW(LoginUrl, Form);
yield return www;
Debug.Log(www.text);
}
我每次都得到Password incorrect。我錯過了什麼?
你爲什麼會循環,也應該只有一個密碼以匹配 – 2016-12-06 03:02:28
**切勿將純文本密碼!**請使用PHP的[內置函數](http://jayblanchard.net/proper_password_hashing_with_PHP.html)來處理密碼安全性。如果您使用的PHP版本低於5.5,則可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。確保你*** [不要越獄密碼](http://stackoverflow.com/q/36628418/1011527)***或在哈希之前使用其他任何清理機制。這樣做*更改密碼並導致不必要的附加編碼。 –
[Little Bobby](http://bobby-tables.com/)說*** [你的腳本存在SQL注入攻擊風險。](http://stackoverflow.com/questions/60174/how-can- ***)瞭解[MySQLi](http://php.net/manual)[準備](http://en.wikipedia.org/wiki/Prepared_statement)聲明/en/mysqli.quickstart.prepared-statements.php)。即使[轉義字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! [不相信它?](http://stackoverflow.com/q/38297105/1011527) –