我的代码可能有什么问题,它添加了错误的信息,但添加了正确的信息谢谢php

ee7vknir  于 2021-06-24  发布在  Mysql
关注(0)|答案(1)|浏览(346)

这是我的密码

<?php

    $con = mysqli_connect("localhost","root","","system_database");

    if(isset($_POST['Submit'])){

        $Username = trim($_POST['Username']);
        $password = trim($_POST['password']);

        // encrypt password before submiting it
        $password_encrypted = crypt($password, 'is'); // "is" is the salt

        $sql = "SELECT * FROM register WHERE Username = '$Username' AND password='$password_encrypted'";
        $query = $con -> query($sql);
        $result = mysqli_num_rows($query);

        if($result == true){

            header ("location: report.php");

        } else {
            echo "username or password wrong";
        }

    }
?>
webghufk

webghufk1#

像这样添加

<?php
$con = mysqli_connect("localhost","root","","system_database");
if(isset($_POST['Submit'])){
    $Username = trim($_POST['Username']);
    $password = trim($_POST['password']);
    if(!empty($Username) && !empty($password)){
        $Username = mysqli_real_escape_string($con,$Username);
        $password = mysqli_real_escape_string($con,$password);
        // encrypt password before submiting it
        $password_encrypted = crypt($password, 'is'); // "is" is the salt
        $sql = "SELECT * FROM register WHERE Username = '{$Username}' AND password='{$password_encrypted}'";
        if($result = mysqli_query($con,$sql)){
            if(mysqli_num_rows($result) > 0){
                mysqli_free_result($result);
                header("Location: report.php");         
            }else{
                echo "username or password wrong";
            }
        }
    }else{
        echo "username or password not found";
    }
}
?>

相关问题