此代码已经过测试,并且会为您执行。将其标记为正确答案,因为它可以解决您的问题。
首先创建表和插入用户
create table users(username varchar(100), password varchar(100)
insert into users values ('sectona','sectona234');
<?php
$db = new PDO (
'mysql:host=localhost;dbname=yourdbname;charset=utf8',
'root', // username
'root44' // password
);
?>
signin.php
<?php
error_reporting(0);
?>
<?php ob_start(); ?>
<?php
session_start();
require("db.php");
//from form inputs
$username=strip_tags($_POST["txtusername"]);
$password=strip_tags($_POST["txtpassword"]);
/*
$username='sectona';
$password='sectona123';
*/
// validate username
$result = $db->prepare('SELECT * FROM users where username = :username');
$result->execute(array(
':username' => $username
));
$nosofrows = $result->rowCount();
if ($nosofrows ==0)
{
echo '<br><b><font color=red><b></b>Username is Incorrect</font></b><br>';
exit();
}
//validate password
$result = $db->prepare('SELECT * FROM users where password = :password');
$result->execute(array(
':password' => $password
));
$nosofrows = $result->rowCount();
//if ($nosofrows < 1)
if ($nosofrows ==0)
{
echo '<br><b><font color=red><b></b>Password is Incorrect</font></b><br>';
exit();
}
// check login
$statement = $db->prepare('
SELECT * FROM users
WHERE username = :username
AND password = :password
');
$statement->execute(array(
':username' => $username,
':password' => $password));
if ($row = $statement->fetch()) {
session_regenerate_id();
$_SESSION['SESS_PASWWORD'] = $row['password'];
$_SESSION['SESS_USERNAME'] = $row['username'];
$user=$pid=htmlentities($row['username'], ENT_QUOTES, "UTF-8");
echo "Welcome Mr/Mrs <b>".$user."</b> <font color=pink>you are signed in successfully. <br>Redirecting in 2 seconds</font> <img src=loader.gif>";
echo '<script>
window.setTimeout(function() {
window.location.href = "admin.php";
}, 2000);
</script>';
}else{
echo '<font color=red size=2><b>Either of your details is wrong. You are trying to use login accounts that belongs to another
person</b></font>';
}
?>
admin.php
<html><head></head><body>
Welcome <?php
session_start();
echo htmlentities($_SESSION['SESS_USERNAME']); ?>
</body></html>
请,如果它解决您的问题
'$ _ POST将其标记为正确答案[ “ '从用户选择user_firstname WHERE user_username =' $用户名”“] “你确定你的意思是? – 2015-02-11 18:57:03
*“我正在进行登录会话”* - 您是否开始会话并在所有使用会话的页面内部?在上面所说的内容之上,*这是什么?!* – 2015-02-11 18:57:25
@Ismael。我不太确定,但我得到一个错误,说它是未定义的。但我想到,如果我查询它,用户ID将以某种方式得到名字。 – WTFZane 2015-02-11 19:01:12