这是我对PHP的登录查询。我想当用户给出错误答案时,将用户重定向到错误的网站。我怎样才能做到这一点?
<?php
session_start();
$db_username = "root";
$db_password = "";
$con = new PDO('mysql:host=localhost;dbname=test', $db_username, $db_password);
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$query = $con->prepare(" SELECT username FROM faceflow WHERE username=:username AND password=:password");
$query->execute(array(
':username' => $_POST['username'],
':password' => $_POST['password']
));
$results = $query->fetchAll(PDO::FETCH_ASSOC);
$_SESSION['username'] = $results[0]['username'];
header('Location: /test/membership/loggedin.php');
}
else
{
die("Die hacker!");
}
?>
试试看,它对我有用。
旁注:两者均header()
出于测试目的已被注释掉。
noaccess.php
是文件名示例。
<?php
session_start();
$db_username = "root";
$db_password = "";
$con = new PDO('mysql:host=localhost;dbname=test', $db_username, $db_password);
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$query = $pdo->prepare(" SELECT username FROM faceflow WHERE username=:username AND password=:password");
$query->execute(array(
':username' => $_POST['username'],
':password' => $_POST['password']
));
$results = $query->fetchAll(PDO::FETCH_ASSOC);
if($results){
$_SESSION['username'] = $results[0]['username'];
// header('Location: /test/membership/loggedin.php');
echo "You have access";
}
if(!$results){
// header('Location: /test/membership/noaccess.php');
echo "Sorry";
}
}
密码输入
我还注意到您以纯文本形式存储密码。不建议这样做。
使用以下之一:
crypt()
bcrypt()
scrypt()
password_hash()
功能。其他连结:
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句