小贝子编程

PHP 和 MySQL 登录身份验证数据库检查无法正常工作?



我正在使用PHP/HTML和MySQL进行测试登录检查。我成功了很棒;它成功地连接到数据库,它可以获取我的数据库值并将其保存在变量中,等等,但我遇到了一个小问题。

我使用两个PHP页面来进行检查。仅包含论坛的login.php页面和进行数据库连接的welcome.php页面。当我运行一个测试页面,让它回显数据库信息时,它会打印出来(testUser,testEmail@email.com,testPassword,1/1/1900)。因此,当我尝试运行登录验证检查时,它只显示"未知用户!"两次,甚至当我尝试用户名"usr"、"testUser"one_answers"testUser2"时(我制作了两个表,第二个表是相同的,末尾添加了2个)。这是我的密码。

<html>
    <head>
        <?php
            $title = ucfirst(basename($_SERVER['PHP_SELF'], ".php"));
            echo "<title>$title</title>";
        ?>
    </head>
    <body>
        <form name="form" accept-charset="utf-8" action="welcome.php" method="post">
            <span class="header">Username</span><input type="text" name="usr" value="usr"></input><br>
            <span class="header">Password</span><input type="text" name="pass" value="pass"></input>
            <input type="submit">
        </form>
    </body>
</html>

<?php
    $servername = removed;
    $username = removed;
    $password = removed;
    $dbname = removed;
    // Create connection
    $conn = new mysqli($servername, $username, $password, $dbname);
    // Check connection
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    } 
    $sql = "SELECT ID, USER, PASSWORD FROM usrdatabase";
    $result = $conn->query($sql);
    if ($result->num_rows > 0) {
        // output data of each row
        while($row = $result->fetch_assoc()) {
            // the given info from the form
            $usrUser = $_POST["usr"];
            $usrPass = $_POST["pass"];
            // convert the findings to uppercase to get rid of sensitivity
            if (strtoupper($usrUsr) == strtoupper($row["USER"]) && strtoupper($usrPass) == strtoupper($row["PASSWORD"])) {
                echo "Welcome $usrUser!<br>Your login was successful! ?>";
            }
            elseif (strtoupper($usrUsr) == strtoupper($row["USER"]) && strtoupper($usrPass) != strtoupper($row["PASSWORD"])) {
                echo "Login failed as $usrUser!";
            }
            else {
                echo "Unknown user!";
            }
        }
    } else {
        echo "0 results";
    }
    $conn->close();
?>

这总是产生一个"未知用户!"我的支票有问题吗?我希望它通过数据库中的每个用户来检查每个现有用户的信息。

更改

strtoupper($usrUsr) == strtoupper($row["USER"])


strtoupper($usrUser) == strtoupper($row["USER"])

使用用户名从数据库中获取单个用户,因为每个用户都是唯一的。

$sql = "SELECT ID, USER, PASSWORD FROM usrdatabase WHERE USER = '" . mysqli_real_escape_string($_POST['usr']) . "' AND PASSWORD = '"  . mysqli_real_escape_string($_POST['pass']) . "'";

嘿,我看到你的if else包含$usrUsr,它不应该是$usrUser吗?(忘记了e)

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium