我在登录系统中遇到错误。我知道它有缺陷,仅用于学习目的。 所以问题是,即使我输入正确的登录信息,代码只是到最后一行并抛出最后的else语句。任何想法为什么这样做?PHP系统登录错误
<?php
session_start();
if (isset($_POST['submit'])) {
include 'dbc.php';
$login = mysqli_real_escape_string($conn, $_POST['login']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//error handler
//check if inputs are empty
if (empty($login) || empty($pwd)){
header("Location: login.php?login=empty");
exit();
} else {
$sql = "SELECT * FROM user WHERE name='$login'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck < 1) {
header("Location: login.php?login=error1");
exit();
} else {
if ($row = mysqli_fetch_assoc($result)) {
//dehashing
$hashedPwdCheck = password_verify($pwd, $row['pwd']);
if ($hashedPwdCheck == false) {
header("Location: login.php?login=error2");
exit();
} elseif ($hashedPwdCheck == true) {
//Log in user
$_SESSION['s_id'] = $row['name'];
header("Location: index.php?login=success");
exit();
}
}
}
}
} else {
header("Location: login.php?login=error3");
exit();
}
显示您我们你'form' – hungrykoala
你不该”用这个密码'mysqli_real_escape_string()'你应该使用准备好的语句 –
你能告诉我们你的表单代码吗?您可能缺少提交按钮 – Sehdev