douqiao5552 2013-12-06 19:09
浏览 187

检查登录始终返回登录失败页面

This is my check login coding. I can't log into my system because it always return login fail. I've inserted the correct username, password and role but still it return to login fail page.

I think there is something wrong on my coding at if (mysql_num_rows($result)== 1) Btw, what does this line mean ? 

<?php
session_start();
require 'database.php';

//to store validation errors
$errmsg_arr = array();

//validation error flag
$errflag = false;

//function to sanitize values from the form. Preventing the SQL injection
function clean ($str){
    $str = @trim($str);
    if (get_magic_quotes_gpc()){
        $str = striplashes ($str);
    }
    return mysql_real_escape_string($str);
}

//sanitize POST values
$myusername = clean ($_POST['username']);
$mypassword = clean ($_POST['password']);
$role = clean ($_POST['role']);

//input validations
if ($myusername == ''){
    $errmsg_arr[] = 'Insert your username';
    $errflag = true;
}
if ($mypassword == ''){
    $errmsg_arr[]= 'Insert you password';
    $errflag = true;
}

//if there are input validation, redirect back to home
if ($errflag){
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    session_write_close();
    header("location:index.php");
    exit();
}

$qry = "SELECT student.user_id, student.username, student.password, student.role FROM student WHERE username = '$myusername' and password = '".md5($_POST['password'])."' and role = '$role'";
$result = mysql_query($qry);

if ($result){
    if (mysql_num_rows($result)== 1){       
        session_regenerate_id();
        $student = mysql_fetch_assoc($result);  
        $_SESSION['SESS_USER_ID']= $student['user_id'];
        $_SESSION['SESS_USERNAME']= $student['username'];
        $_SESSION['SESS_PASS']= $student['password'];
        $_SESSION['SESS_ROLE']= $student['role'];
        session_write_close();
        header("location: profile.php");
        exit();
    }else {
        header ("location: login_failed.php");
        exit();
    }
}else {
    die ("Query failed");
}

?>
  • 写回答

3条回答 默认 最新

  • duanmeng7865 2013-12-06 19:12
    关注

    you have just one "=" in your if clause..

    if ($myusername = ''){
    $errmsg_arr[] = 'Insert your username';
    $errflag = true;
}

    change to:

      if ($myusername == ''){
        $errmsg_arr[] = 'Insert your username';
        $errflag = true;
    }

    or 

    if (empty($myusername)){
        $errmsg_arr[] = 'Insert your username';
        $errflag = true;
    }
    评论

报告相同问题?

悬赏问题

  • ¥15 用hfss做微带贴片阵列天线的时候分析设置有问题
  • ¥50 我撰写的python爬虫爬不了 要爬的网址有反爬机制
  • ¥15 Centos / PETSc / PETGEM
  • ¥15 centos7.9 IPv6端口telnet和端口监控问题
  • ¥120 计算机网络的新校区组网设计
  • ¥20 完全没有学习过GAN,看了CSDN的一篇文章,里面有代码但是完全不知道如何操作
  • ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
  • ¥20 海浪数据 南海地区海况数据,波浪数据
  • ¥20 软件测试决策法疑问求解答
  • ¥15 win11 23H2删除推荐的项目,支持注册表等