php mysql not checking username and password on users table

StackOverflow https://stackoverflow.com/questions/23186399

  •  06-07-2023
  •  | 
  •  

سؤال

The Sign in page does not seem to be working like it should. It wont verify the username and password on the Users table so it will not allow for log in.

PHP 

 if(isset($_POST['submit']))
 {
     $userName=$_POST['userName'];
     $passWord=$_POST['passWord'];
     $result=mysqli_query($con,"select *from Users where `userName` ='$userName' and `passWord` ='$passWord'");
     if($result)
     {
          //echo "Successfully deleted".$id;
          $count=mysqli_num_rows($result);       
          //echo $count;
     }
     if($count==1)
     {
          $_SESSION['username']=$username;
          $_SESSION['passWord']=$passWord;
          header("location:users.php");
     }
     else
     {      
          header("location:index.php");  
     }
 }
 ?>

HTML

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <link href="index.css" rel="stylesheet" type="text/css" />
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>Sign in</title>
</head>
<body>
  <div id="signin">
    [ <a href="signup.php">Sign Up</a> ]
    [ <a href="signin.php">Sign In</a> ]
  </div>
  <div id="clear"></div>
  <div class="navbar">
    <ul>
      <li><a href="concerts.php" target="_self">Concert</a></li>
      <li><a href="restaurants.php" target="_self">Restaurant</a></li>
      <li><a href="sports.php" target="_self">Sports</a></li>
    </ul>
  </div>
  <form name="signin" method="post" action="signin.php" id="form">
    Member Login <br /><br />
    Username<input name="userName" type="text"><Br />
    Password</td><input name="passWord" type="password"><br /><br />
    <input type="submit" name="submit" value="submit">
  </form>
</body>
</html>

This code is not getting the id_cust from the users table to store in the $id It is getting the right username from the signin page 

<?php 
$result=mysqli_query($con, "select * from Users where `userName` ='$userName'");
$row = mysqli_fetch_array($result);
$id = $row['id_cust'];

http://pastebin.com/RmBz1yL0

هل كانت مفيدة؟

المحلول

Try changing your code to below.

 if($result)
        {
            //echo "Successfully deleted".$id;
            $count=mysqli_num_rows($result);       
            //echo $count;

            if($count==1)
            {
                   $_SESSION['userName']= $userName;
                   $_SESSION['passWord'] = $passWord;
                  header("location:users.php");
           }
           else
           {      
                  header("location:index.php");  
           }

        }

نصائح أخرى

select *from Users where `userName` ='$userName' and `passWord` ='$passWord'

replace with

select * from Users where `userName` ='$userName' and `passWord` ='$passWord'
مرخصة بموجب: CC-BY-SA مع الإسناد
لا تنتمي إلى StackOverflow
scroll top