這是我的代碼,即使點擊提交按鈕後,登錄成功。提供錯誤的用戶名和密碼時登錄成功
$username = isset($_POST['username']);
$password = isset($_POST['password']);
//sql dtabase conn
$conn = mysqli_connect("localhost","root","","login");
//query the dtabase for user
$result = mysqli_query($conn, "select * from users where username =
'$username' and password = '$password'")or die("failed to query database".mysqli_connect_error());
$row = mysqli_fetch_array ($result);
if($row['username'] == $username && $row['password'] == $password && (""
!== $username || "" !== $password)){
echo "Login success".$row['username'];
}else{
echo "Failed to login";
}
我是初學者。請幫助我
不要使用isset來分配變量。使用一些轉義函數或其他東西。你應該把isset放在if語句上 –
首先修復這行兩行'$ username = isset($ _ POST ['username'])? $ _POST ['username']:「」; $ password = isset($ _ POST ['password'])? $ _ POST [ '密碼']: 「」;' –