帮我看看这段代码有什么问题吧,很简单

<?php
$conn=mysql_connect("localhost","root","");
if(!$conn)
{
echo "connect error";
}
else
{
mysql_select_db("share");
$email=$_POST["mail"];
$password=$_POST["possword"];
$sql="select email,password from acluser where email=$email and password=$password";
mysql_query($sql,$conn);
$returnrow=mysql_num_rows($sql);
if($returnrow=1)
{
echo "<script>alert('Welcome back!');window.location.href='rs.php?id=$email';</script>";
}
else
{
echo "<script>alert('login false');window.location.href='page1.php';</script>";
}
}
mysql_close();
?>

解决方案 »

  1.   

    $conn=mysql_connect("localhost","root","");
    if(!$conn)
    {
    echo "connect error";
    }
    else
    {
    mysql_select_db("share");
    $email=$_POST["mail"];
    $password=$_POST["possword"];
    $sql="select email,password from acluser where email='$email' and password= '$password' ";  // 应该这样吧
    mysql_query($sql,$conn);
    $returnrow=mysql_num_rows($sql);
    if($returnrow=1)
    {
    echo " <script>alert('Welcome back!');window.location.href='rs.php?id=$email'; </script>";
    }
    else
    {
    echo " <script>alert('login false');window.location.href='page1.php'; </script>";
    }
    }
    mysql_close(); 
      

  2.   

    $sql="select email,password from acluser where email=$email and password=$password"; 
    ==============
    假设
    $email = '[email protected]';
    $password = 'abcd';你认为
    1.select email,password from acluser where [email protected] and password=abcd 
    2.select email,password from acluser where email='[email protected]' and password='abcd' 
    这两条哪个是正确的!?