简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW) 日本語(JA) 한국어(KO) Melayu(MS) Français(FR) Deutsch(DE)
Home > Backend Development > PHP Tutorial > body text

这两种登陆验证方法错哪了

WBOY
Release: 2016-06-13 13:36:27
Original
794 people have browsed it

这两种登陆验证方法哪里错了
第一种:

PHP code
<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

--><?php $id=$_POST['id'];
$password=$_POST['password'];
 $conn=mysql_connect("localhost","root","root");
 if (!$conn){
 die("连接失败:".mysql_errno());
 }
 mysql_select_db("emp",$conn) or die(mysql_errno());
 mysql_query("set names utf8")or die(mysql_errno());
$sql = "select count(id) from admin where id='".$id."' and password='".md5($password)."'";
$res = mysql_query($sql,$conn);
$num = mysql_num_rows($res);
if($num){
   header("location:empManage.php");
   exit();
}else{
  header("location:login.php?errno=1");
  exit();
}
mysql_free_result($res);
mysql_close($conn);
 
?>
Copy after login

此方法无论密码是否和数据库匹配都可以登陆
方法二:
PHP code
<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

--><?php $id=$_POST['id'];
$password=$_POST['password'];
 $conn=mysql_connect("localhost","root","root");
 if (!$conn){
 die("连接失败:".mysql_errno());
 }
 mysql_select_db("emp",$conn) or die(mysql_errno());
 mysql_query("set names utf8")or die(mysql_errno());
 $sql="select password from admin where id=$id";
 $res=mysql_query($sql,$conn);
 if ($row=mysql_fetch_assoc($res)){
     
 if ($row['password']==md5($password)){
 header("location:empManage.php");

 }
 }
header("location:login.php?errno=1");

mysql_free_result($res);
mysql_close($conn);
?>
Copy after login

此方法即使id和密码都正确都无法登陆

求高人指点,看看哪里错了导致无法登陆

------解决方案--------------------
忘了还有第二个了。
逻辑问题我想
if ($row=mysql_fetch_assoc($res)){
if ($row['password']==md5($password)){
header("location:empManage.php");
}
}
header("location:login.php?errno=1");

假设成功,先header("location:empManage.php"),可到最后仍然会执行header("location:login.php?errno=1")。 header()函数并不会执行后立即发送消息报头给浏览器,于是后面的覆盖了前面的。不过没测试过所以不敢打保票。
把逻辑理顺了看看

if ($row=mysql_fetch_assoc($res)){
if ($row['password']==md5($password)){
header("location:empManage.php");
exit();
}
}
header("location:login.php?errno=1");
------解决方案--------------------
$num = mysql_num_rows($res);
if($num){
header("location:empManage.php");
这里错了,应该是 读取count值,然后判断count是否为1则可
Related labels:
header location mysql quot
source:php.cn
Previous article: php现在都是怎么保护版权加密的 Next article: 换域名的头痛事解决方案
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
Vue 3 and Vuetify 3 access SCSS/SASS variables in components I want to use predefined variables in my Vue3 component. <template><divclass=&quo...
From 2023-11-17 13:52:29
0
1
293
JavaScript: Does the RegExp.escape function exist? I just want to create a regular expression with any possible string. varusersString="...
From 2023-11-16 17:41:27
0
2
232
How to add newline character (newline character) in XML file? I have an XML file and I want to wrap the text "Sample Text 123" like this Sampl...
From 2023-11-16 16:42:38
0
1
199
Validate fields of objects in form - Vue 3 + Vee-validate + yes I have a form where some fields are inside an object: <scriptsetuplang="ts"&g...
From 2023-11-16 13:56:09
0
1
169
Vue 3 Composition API - Disable form submit button until all conditions are met I want to disable the form submit button until all input fields are filled in and there ar...
From 2023-11-13 09:41:53
0
3
438
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!