Запрос входа в PHP и MySQL
Я изучаю MySQL и PHP, и в настоящее время у меня проблемы с этим процессом входа в систему.
Кажется, что запрос MySQL не возвращает никаких строк и не перенаправляет меня после успешного входа в систему.
PHP:
$error_msg = "";
//checks the session to see if the user is logged in
if (!isset($_SESSION['userid'])) {
if (!isset($_POST['submit'])) {
$dbc = mysqli_connect('localhost', 'root', '', 'login')
or die('Error Connecting to Database on the SQL Server');
//grabs data from POST
$user_username = $_POST['username'];
$user_password = $_POST['password'];
//lookup username and password in the database
if (!empty($user_username) && !empty($password)) {
$query = "SELECT userid, username FROM tuser WHERE username = '$user_username' AND password = SHA('$user_password')";
$res = mysqli_query($dbc, $query);
//login is ok so set the user ID and username cookies, redirect to homepage
if (mysqli_num_rows($res) == 1) {
$row = mysqli_fetch_array($res);
$_SESSION['userid'] = $row['userid'];
$_SESSION['username'] = $row['username'];
setcookie('userid', $row['userid'], time() + (60 * 60 * 24 * 30), "/");
setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30), "/");
setcookie('email', $row['email'], time() + (60 * 60 * 24 * 30), "/");
setcookie('password', $row['password'], time() + (60 * 60 * 24 * 30), "/");
//redirect after successful login
header("Location: index.php");
} else {
//the username and password are incorrect so set error message
$error_msg = 'Sorry, you must enter a valid username and password to log in. <a href="Signup.php">Please sign up!</a>';
}
}
}
}
HTML:
<form action="login_process.php" method="post" class="login">
Username: <input type="text" name="username"/>
Password: <input type="password" name="password"/>
<input type="submit" value="submit"/>
</form>
Извините за неаккуратный код, я знаком с PHP и MySQL и учу себя, как это сделать. Я сделал некоторые изменения, и код отправляет, но он не перенаправляет меня, он просто идет в login_process.php и ничего не делает. Что мне не хватает? Я ценю всю помощь, спасибо всем!
<?
session_start();
$error_msg = "";
//checks the session to see if the user is logged in
if (!isset($_SESSION['user_id']))
{
if (isset($_POST['submit']))
{
$user_username = mysql_real_escape_string($_POST['username']);
$user_password = mysql_real_escape_string($_POST['password']);
$dbc = mysqli_connect('localhost', 'root', '', 'login')
or die('Error Connecting to Database on the SQL Server');
//grabs data from POST
//lookup username and password in the database
if (!empty($user_username) && !empty($password))
{
$query = "SELECT userid, username FROM tuser WHERE username = '$user_username' AND password = SHA('$user_password')";
$res = mysqli_query($dbc, $query);
//login is ok so set the user ID and username cookies, redirect to homepage
if (mysqli_num_rows($res) == 1)
{
$row = mysqli_fetch_array($res);
$_SESSION['user_id'] = $row['userid'];
$_SESSION['user'] = $row['username'];
setcookie('userid', $row['userid'], time() + (60 * 60 * 24 * 30), "/");
setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30), "/");
setcookie('email', $row['email'], time() + (60 * 60 * 24 * 30), "/");
setcookie('password', $row['password'], time() + (60 * 60 * 24 * 30), "/");
//redirect after successful login
header("Location: home.php");
echo mysqli_error($dbc);
}
else
{
//the username and password are incorrect so set error message
$error_msg = 'Sorry, you must enter a valid username and password to log in. <a href="Signup.php">Please sign up!</a>';
header("Location: home.php");
echo mysqli_error($dbc);
}
}
else
{
$error_msg = 'Please enter a username and password to log in. <a href="Signup.php">Please sign up!</a>';
header("Location: home.php");
echo mysqli_error($dbc);
}
}
}
?>