douvcpx6526 2014-10-20 20:42
浏览 31
已采纳

检查数据库中的数据并失败[关闭]

I submit my form and it should find the value of FirstName and LastName in my MySQL database and send me to a success page. Instead I'm being sent to the fail page. I cannot see what is wrong with it.

here is my html form "login_1.php":

<form name="loginForm" action="loginCheck.php" method="post">      
<input type="text" name="firstname_field_name" id="firstname_field_ID" value="First Name" />  
<input type="text" name="lastname_field_name" id="lastname_field_ID" value="Last Name" /> 
<input type="submit" name="Submit" value="Submit" />
</form>

here is the php:

<?php
    session_start();
    $_SESSION['firstname_session'] = $_POST['firstname_field_name'];
    $_SESSION['lastname_session'] = $_POST['lastname_field_name'];

    require("config_php.php");
    $con = mysqli_connect(DBHOST, DBUSER, DBPASS, DBNAME) or die('Could not connect to database server.');

    $myfirstname=$_POST[firstname_field_name]; 
    $mylastname=$_POST[lastname_field_name];

    $result = mysqli_query($con,"SELECT * FROM test WHERE FirstName='$myfirstname' AND LastName=$mylastname");
    $count=mysqli_num_rows($result);

    if($count>0){
    //success         
        header('Location: loggedin.php');
        exit();
    }
    else{
    //fail
        header('Location: login_1.php');
        exit();
    }
?>
  • 写回答

1条回答 默认 最新

  • douhui3330 2014-10-20 20:50
    关注

    Change this part to:

     $myfirstname=$_POST['firstname_field_name']; 
 $mylastname=$_POST['lastname_field_name'];

//make it a little secure
$myfirstname = mysqli_real_escape_string($con, $myfirstname);
$mylastname = mysqli_real_escape_string($con, $mylastname);

 $result = mysqli_query($con,"SELECT * FROM test WHERE FirstName='$myfirstname' AND LastName='$mylastname'");
 $count=mysqli_num_rows($result);
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 关于php中URL传递GET全局变量的问题
  • ¥15 怎么改成循环输入删除(语言-c语言)
  • ¥15 安卓C读取/dev/fastpipe屏幕像素数据
  • ¥15 pyqt5tools安装失败
  • ¥15 mmdetection
  • ¥15 nginx代理报502的错误
  • ¥100 当AWR1843发送完设置的固定帧后,如何使其再发送第一次的帧
  • ¥15 图示五个参数的模型校正是用什么方法做出来的。如何建立其他模型
  • ¥100 描述一下元器件的基本功能,pcba板的基本原理
  • ¥15 STM32无法向设备写入固件