<?php
$user_login=$_POST["user_login"];//赋值
$user_pass=$_POST["user_pass"];
setcookie('user_name', $user_login);
?>
<?php
include("lianjie.php");
if($user_login && $user_pass)
{
$query="select * from denglu where user='".$user_login."' and pwd='".$user_pass."'";//从数据库查找用户名和密码
$query=addslashes($query);//是不是这行错了
$res=mysql_query($query,$connection);
if(mysql_fetch_array($res))//这行报错
{
echo "<script>window.location='index_bc.php';</script>";exit();//登录成功跳转到index_bc
}else
{
echo "<script>alert('用户名或密码错误');window.location='index.php';</script>";exit();
}
}
mysql_close($connection);
?>
$user_login=$_POST["user_login"];//赋值
$user_pass=$_POST["user_pass"];
setcookie('user_name', $user_login);
?>
<?php
include("lianjie.php");
if($user_login && $user_pass)
{
$query="select * from denglu where user='".$user_login."' and pwd='".$user_pass."'";//从数据库查找用户名和密码
$query=addslashes($query);//是不是这行错了
$res=mysql_query($query,$connection);
if(mysql_fetch_array($res))//这行报错
{
echo "<script>window.location='index_bc.php';</script>";exit();//登录成功跳转到index_bc
}else
{
echo "<script>alert('用户名或密码错误');window.location='index.php';</script>";exit();
}
}
mysql_close($connection);
?>
$user_login=$_POST["user_login"];//赋值
$user_pass=$_POST["user_pass"];
setcookie('user_name', $user_login);
?>
<?php
include("lianjie.php");
if($user_login && $user_pass)
{
//$query="select * from denglu where user='".$user_login."' and pwd='".$user_pass."'";//从数据库查找用户名和密码
//$query=addslashes($query);//是不是这行错了
// 改成这样
$query = sprintf("SELECT * FROM denglu WHERE user='%s' AND pwd='%s'",
mysql_real_escape_string($user_login),
mysql_real_escape_string($user_pass));
$res=mysql_query($query,$connection);
if(mysql_fetch_array($res))//这行报错
{
echo "<script>window.location='index_bc.php';</script>";exit();//登录成功跳转到index_bc
}else
{
echo "<script>alert('用户名或密码错误');window.location='index.php';</script>";exit();
}
}
mysql_close($connection);
?>