一个登陆的问题。? $exec = "select * from admin where username = '".$username."' password = '".$password."'"; 解决方案 » 免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货 哦,错了,应该是这样:$exec = "select * from admin where username = '".$username."' AND password = '".$password."'"; SQL的语法错误呢其实呢最好不要这样写,容易造成SQL注入 开始学程序最好样成好的习惯,我习惯这样写:$sql = sprintf("select * from admin where user_name = '%s' and password = '%s' ",$userName,$password);其实这样写少了一个逻辑,只能提示用户名或者密码错误,最好这样写:$sql = sprintf("select * from admin where user_name = '%s' limit 0,1 ",$userName);$query = mysql_query($sql);$numberRows = mysql_num_rows($query);if($numberRows > 0){ $result = mysql_fetch_array($query); if($result['password'] == $_POST['password']) { $user_id = $_SESSION['user_id']; }else { echo "您的密码不正确!"; }}else{ echo "此用户不存在";}对了,session_start();要写在第一句啊,呵呵,慢慢来吧 $exec = "select * from admin where username = '".$username."' and password = '".$password."'"; setcookie奇怪的问题.大家看一下 php程序中如何在MySQL语句中加入变量? 三角只剩一个了 帮我看下这个语法错了还是什么错了,谢谢!!! 关于include “/ 问题,求助~~~ 求助!! 如何获取本页名称????急,急!!!!! PostgresSql手册 如何在Linux的PHP服务器上连access数据库? 求助,遍历二级菜单只能出来6个其余的不显示,看了一下html代码是超过6个加了一个UL属性标签,我改怎么写 用php+mysql怎么做企业邮箱阿?谢谢 PHP兼容性的问题
$exec = "select * from admin where username = '".$username."' AND password = '".$password."'";
其实呢最好不要这样写,容易造成SQL注入
$sql = sprintf("select * from admin where user_name = '%s' and password = '%s' ",$userName,$password);
其实这样写少了一个逻辑,只能提示用户名或者密码错误,最好这样写:
$sql = sprintf("select * from admin where user_name = '%s' limit 0,1 ",$userName);
$query = mysql_query($sql);
$numberRows = mysql_num_rows($query);
if($numberRows > 0)
{
$result = mysql_fetch_array($query);
if($result['password'] == $_POST['password'])
{
$user_id = $_SESSION['user_id'];
}else
{
echo "您的密码不正确!";
}
}else
{
echo "此用户不存在";
}
对了,session_start();要写在第一句啊,呵呵,慢慢来吧