用PHP检查用户名和密码 [英] Checking username and password in PHP

问题描述

您好，我是初学者。

用于检查用户名和密码：

< pre><？php 
 <？php 
 if（$ _SERVER ['REQUEST_METHOD'] =='POST'）{
 $ username = $ _POST ['username']; 
 $ password = $ _POST ['password']; 
 require_once（'dbConnect.php'）; 
 $ sql =SELECT * FROM user WHERE username ='$ username'AND password ='$ password'; 
 $ result = mysqli_query（$ con，$ sql）; 
 $ check = mysqli_fetch_array（$ result）; 
 if（isset（$ check））{
 echo'success'; 
}其他{
 echo'失败'; 
} 
} 
？> 

但是当我从用户那里得到变量时它就不是'安全。

如何使用'？'并准备查询并检查结果？





我尝试了什么：



用

 bind_param 

解决方案

_SERVER ['REQUEST_METHOD'] =='POST'）{

username =

_POST [ '用户名'];

Hello, I am a beginner.
For checking username and password:

<pre><?php
<?php
if ($_SERVER['REQUEST_METHOD']=='POST'){
$username = $_POST['username'];
$password = $_POST['password'];
require_once('dbConnect.php');
$sql= "SELECT * FROM user WHERE username = '$username' AND password = '$password' ";
$result = mysqli_query($con,$sql);
$check = mysqli_fetch_array($result);
if(isset($check)){
echo 'success';
}else{
echo 'failure';
}
}
?>

But when I get variables from users it isn't secure.
How can I use '?' and prepare the query and check results?


What I have tried:

checking username and password with

bind_param

解决方案

_SERVER['REQUEST_METHOD']=='POST'){

username =

_POST['username'];

这篇关于用PHP检查用户名和密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！