我有一个index.html页面,我将从该页面将其重定向到我的login.php页面以验证用户。但似乎这是行不通的。即使输入正确也显示错误信息。请期待
index.html
<form action="login.php" method="POST">
<div class="input-container">
<input type="text" name="enroll" required="required"/>
<label for="Username">Enrollment Number</label>
<div class="bar"></div>
</div>
<div class="input-container">
<input type="password" name="Password" required="required"/>
<label for="Password">Password</label>
<div class="bar"></div>
</div>
<div class="button-container">
<button><span>Go</span></button>
</div>
<div class="footer"><a href="#">Forgot your password?</a></div>
</form>
login.php
<?php
// Grab User submitted information
$enroll = $_POST["enroll"];
$pass = $_POST["password"];
// Connect to the database
$con = mysql_connect("localhost","root","");
// Make sure we connected succesfully
if(! $con)
{
die('Connection Failed'.mysql_error());
}
// Select the database to use
mysql_select_db("rgpv",$con);
$result = mysql_query("SELECT enroll, password FROM login WHERE enroll = $enroll");
$row = mysql_fetch_array($result);
if($row["enroll"]==$enrolls && $row["password"]==$pass)
echo"You are a validated user.";
else
echo"Sorry, your credentials are not valid, Please try again.";
?>
在您的表单中,您的密码字段的名称为Password
。在login.php中,您不正确地定义$pass
为$pass = $_POST["password"];
-只需将其更改为$pass = $_POST["Password"];
您的查询也不正确。
改变 $result = mysql_query("SELECT enroll, password FROM login WHERE enroll = $enroll");
至
`$result = mysql_query("SELECT enroll, password FROM login WHERE enroll ='$enroll'");
警告:您的代码对SQL注入攻击开放!
警告:您应该使用password_hash来哈希您的密码!
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句