我有一个登陆表单,账号的文本框的name是TxtUserName,密码文本框的name是TxtPassword,然后我的sql有manage这张表,里面有name和password两个属性,然后我的表单myform有一个javascript验证函数CheckPost(),可是不知道哪里出了问题<SCRIPT language=javascript>
function CheckPost()
{
if(myform.DropExpiration.value=="manage"){
myform.action="manage.php";
<?php
include 'conn.php';
$name="admin";
$sql="select * from manage where name='$name'";
$query=mysql_query($sql);
$row=mysql_fetch_array($query);
$password=$row['password'];
?>
//检验密码是否正确
if (myform.TxtPassword.value!=<?php echo $password;?>)
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
//检验帐号是否正确
if (myform.TxtUserName.value!="admin")
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
}
if(myform.DropExpiration.value=="student"){ myform.action="student.php";
//检验密码是否正确
if (myform.TxtPassword.value!="123456")
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
//检验帐号是否正确
if (myform.TxtUserName.value!="admin")
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
}
}
</SCRIPT>
无论我输入什么密码,都能够验证成功,我manage那张表里面的name属性一直都是“admin”
function CheckPost()
{
if(myform.DropExpiration.value=="manage"){
myform.action="manage.php";
<?php
include 'conn.php';
$name="admin";
$sql="select * from manage where name='$name'";
$query=mysql_query($sql);
$row=mysql_fetch_array($query);
$password=$row['password'];
?>
//检验密码是否正确
if (myform.TxtPassword.value!=<?php echo $password;?>)
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
//检验帐号是否正确
if (myform.TxtUserName.value!="admin")
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
}
if(myform.DropExpiration.value=="student"){ myform.action="student.php";
//检验密码是否正确
if (myform.TxtPassword.value!="123456")
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
//检验帐号是否正确
if (myform.TxtUserName.value!="admin")
{
alert("帐号密码错误");
myform.TxtUserName.focus();
return false;
}
}
}
</SCRIPT>
无论我输入什么密码,都能够验证成功,我manage那张表里面的name属性一直都是“admin”
是不是要加"" 号呢。myform.TxtUserName。感觉用document.getElementById().value比较靠谱
没用,试过了,如果把$password换成“123”就可以验证成功
session_start();
require_once("../conn.php");
$yzcode=$_POST["yzcode"];
$username=$_POST["username"];
$password=substr(md5(md5($_POST["password"])),13);
if($yzcode!=$_SESSION["login_check_num"])
{
echo "验证码输入错误";
}
else
{
$sql="select * from admin where username='".$username."' and password='".$password."'";
$result=mysql_query($sql);
if(mysql_num_rows($result)>0)
{
$_SESSION["username"]=$username;
mysql_query("update admin set logintime=logintime+1 where username='".$username."'");
header("location:main.php");
}
else
{
echo "用户名或密码不正确,请重新输入"
}
}
?>
header("location:main.php");
header上面不是不能有其他语句的么?我看视频说的。