嘿,这是我的登录脚本,使用PHP5和MYSQLi,我只是帮助发现我的查询中的错误,但它仍然不会让我登录,即使用户名和密码是正确的,并且在数据库中,它只是一直返回错误:您的用户名和密码与我们的数据库中的任何数据都不匹配。但我知道他们会大声笑......任何人都可以发现问题吗?PHP MYSQLI查询错误?
//Check if the form has been submitted
if (isset($_POST['login']))
{
//Check if username and password are empty
if ($_POST['username']!='' && $_POST['password']!='')
{
//Create query to check username and password to database
$validate_user = $mysqli->query('SELECT id, username, password, active FROM users WHERE = username = "'.$mysqli->real_escape_string($_POST['username']).'" AND password = "'.$mysqli->real_escape_string(md5($_POST['password'])).'"');
//We check if the query returns true
if ($validate_user->num_rows == 1)
{
$row = $validate_user->fetch_assoc();
//Check if the user has activated there account
if ($row['activated'] == 1)
{
$_SESSION['id'] = $row['id'];
$_SESSION['logged_in'] = true;
Header('Location: ../main/index.php');
}
//Show this error if activation returns as 0
else {
$error = '<p class="error">Please activate your account.</p>';
}
}
//Show this error if the details matched any in the db
else {
$error = '<p class="error">Your username and password are not in our database!</p>';
}
}
//Show this error if the username and password field have not been entered
else {
$error = '<p class="error">Please enter your username and password.</p>';
}
}
你有密码字段中的md5散列吗? – 2010-04-13 12:33:27
是的,你想让我看看吗? – 2010-04-13 12:34:42
你有多个用户使用这个用户名/密码组合吗? – 2010-04-13 12:35:54