1. 首页
  2. 问答
  3. 我不能登录系统

我不能登录系统

2015-09-06 154 views
-1

这里是我的login.php我不能登录系统

<? 
    session_start(); 
    if (isset($_POST['Login'])) { 
    include_once("connect.php"); 
    $user_ok = false; 
    $usernamer=$_POST['Usernamer']; 
    $passaword=$_POST['passsword']; 
    $id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
    function evalLoggedUser($link,$id,$usernamer,$passaword){ 
     $sql = "SELECT ip FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
     $query = mysqli_query($link, $sql); 
     $numrows = mysqli_num_rows($query); 
     if($numrows > 0){ 
      return true; 
     } 
    } 
     $user_ok = evalLoggedUser($link,$usernamer,$passaword,$id); 
     if(isset($_POST['Login'])){ 
     if($user_ok == true){ 
     header("location: user.php?u=".$_POST["Usernamer"]); 
     }else{ 
     echo "username was not found"; 
     } 
     } 
    } 
    ?>

它给像

mysqli_num_rows误差修改()预计参数1被mysqli_result,空给出

即使当我输入正确的用户名时,它也会回显username was not found

来源

2015-09-06 qwaaz

+1

犯了一些错误。 '$ id' sql语句不会被使用并且最初引用'id' - 函数中实际的sql引用'ip'〜我猜它们应该是相同的 - 可能是id。你对'evalLoggedUser'函数的调用有错误的序列 – RamRaider

+0

有可能是一个错字:它不应该重写$ _post ['passaword']而不是passsword? –

+0

@一些 - 非描述用户没有输入的名称是密码时应 – qwaaz

回答

0

I thi NK应该

if($numrows < 0){ 
    return true; 
    }

和您的查询应该是:

$id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
//change $Usernamer to $usernamer

来源

2015-09-06 09:43:18 aldrin27

+0

为什么“$ numRows行<0”? –

+0

因为如果你'$ numRows行<0'将返回false,不会去if语句 – aldrin27

+0

我还是不明白这里面。如果数据库查询返回多于零的行,你希望函数返回true,对吗? $ numrows <0的计算结果为true,如果您有某种错误,不是?所以你只有在mysqli_num_rows()给出错误时才返回true。 –

0

呀!参数一必须是结果集。这意味着你必须通过$查询不是你的SQL查询

来源

2015-09-06 09:43:44 peter

+0

哪里?你的意思是第14行? – qwaaz

0

原来的一些变化与适当的意见

<?php 
    session_start(); 
    if (isset($_POST['Login'])) { 

     include_once("connect.php"); 
     $user_ok = false; 

     $usernamer=$_POST['Usernamer']; 
     $passaword=$_POST['passsword']; 
     /* to debug */ 
     echo "POSTED username:".$usernamer." POSTED password: ".$passaword; 

     /* 
      this gets passed as a parameter to the function but never used... 
      $id = "SELECT id FROM websiteusers WHERE userName='$Usernamer' AND pass='$passaword' LIMIT 1"; 
     */ 
     function evalLoggedUser($conx, $u, $p){ 
      /* To use the variables above ($usernamer & $passaword) you would need to declare them as global within the function */ 
      /* I assumed, perhaps wrongly, that this ought to have been id rather than ip */ 

      $sql = "SELECT `id` FROM `websiteusers` WHERE `userName`='$u' AND `pass`='$p' LIMIT 1"; 

      /* to debug */ 
      exit("PARAM Username:".$u ."<br />PARAM Password:". $p ."<br />sql:" .$sql); 

      $query = mysqli_query($link, $sql); 
      $numrows = mysqli_num_rows($query); 

      /* previously the function only returned a value if there was a recordset */ 
      return ($numrows > 0) ? true : false; 
     } 


     /* 
      The sequence of parameters was incorrect 
     */ 
     $user_ok = evalLoggedUser($link, $usernamer, $passaword); 

     if(isset($_POST['Login'])){ 
      if($user_ok === true){ 
       header("location: user.php?u=".$usernamer); 
      }else{ 
       echo "username was not found"; 
      } 
     } 
    } 
?>

来源

2015-09-06 09:48:26 RamRaider

+0

所以它删除了所有的错误,但仍然回声的用户名没有被发现 – qwaaz

+0

对于一个试验,尝试添加'退出($ SQL)'后的SQL语句已经在'evalLoggedUser'函数创建(但不执行)。看看回显到屏幕的SQL - 它看起来是否正确?你可以在你的mysql客户端/ gui中运行该sql并获取返回的数据吗? – RamRaider

+0

没有它示出了该SELECT'userId' FROM'websiteusers' WHERE'userName' = '' 和'pass' = '' LIMIT 1 – qwaaz

 相关问题

  • 暂无相关问题^_^