<?php
header("content-type:text/html:charset=utf-8");
include("conn.php");
if(isset($_POST['submitted'])){
$user = $_POST['user'];
$pwd = $_POST['pwd'];
$sql = 'select * from name where user="'.$user.'"';
//$sql = "select * from name where user = '.$user'";
$result = mysqli_query($conn,$sql) ;
$row = mysqli_fetch_array($result);
$cmp_pwd = $row['password'];
$quan =$row['quan'];
$xbb = 1;
$fx = 0;
if( $cmp_pwd == $pwd && $quan == $xbb){ //用从数据库取出的密码和提交的密码比较
echo "<script language=javascript>alert('登录成功');</script>";
Header("Location:addhc1.php");
//跳转到指定页面
}elseif($cmp_pwd1 == $pwd && $quan == $fx){
echo "<script language=javascript>alert('用户名或密码错误');</script>";
Header("Location:bddhc1.php"); //重新载入页面
} else{
echo "<script language=javascript>alert('用户名或密码错误');</script>";
Header("Location:login1.php"); //重新载入页面
}
}
?>
<html>
<head>
<title>登录窗口</title>
<meta http-equiv="Content-Type" content="text/html" charset="utf-8">
</head>
<body>
<form action="login1.php" method="post">
用户名:
<input type="text" name="user" />
密码:
<input type="password" name="pwd" />
<br/>
<输入类型=“隐藏”名称=“已提交”值=“1”/>
</html>
麻狼2018-05-01 07:50:53
$sql = 'select * from name where user="'.$user.'"';
变量名用单引号。
PHP中,双引号里可以使用变量,你可以这么写:
$sql = “select * from name where user='$user';";
