我一直在努力在拉里乌尔曼的PHP和MySQL第4版login_ajax.php第15章的审查和追求部分,它说:验证电子邮件和密码输入从MySQL数据库通过PHP
修改login_ajax.php,使其使用数据库确认登录成功。
这是我到目前为止已经试过,无论我做什么,我得到的回应似乎永远是“不正确”,然后AJAX脚本从未登录我
到目前为止我的代码:
<?php
if (isset($_GET['email'], $_GET['password'])){
$email = $_GET['email'];
$password = $_GET['password'];
// Need a valid email address:
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
// must match specific values:
// This values will be gotten from a database
require('../mysqli_connect.php');
// retrieve from database
$q = "SELECT email, pass FROM users WHERE email = '$email'LIMIT 1";
// run the query
$r = @mysqli_query($dbc, $q);
//$check_email = "";
//$check_pass = "";
/*while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) {
$check_email = $row['email'];
$check_pass = $row['pass'];
}*/ // if the email and password match those in database
//if (($email == $check_email && $password == $check_pass)) {
if (mysqli_num_rows($r) > 0) {
echo 'CORRECT';
} else {
echo 'INCORRECT';
}
mysqli_close($dbc);
/* if(($_GET['email'] == '[email protected]') && ($_GET['password'] == 'testpass')){
//Set a cookie, if you want, or start a session.
// indicate success:
echo 'CORRECT';
}else{// mismatch
echo'INCORRECT';
}*/
}else{ // invalid email
echo 'INVALID_EMAIL';
}
}else{ // missing one of the two variables
echo 'INCOMPLETE';
}
它包含我不同的尝试。
在限制''$ email'LIMIT 1'之前需要空格';更好地使用prepare语句。'mysqli_query'前删除'@' – Saty
从'@ mysqli_query'中删除'@'符号,以便您可以查看您的查询何时出现错误 –
另外,使用[密码API](http://php.net/password)并停止使用简单的测试密码。 –