使用不正确的密码和用户名系统无法正常工作[重复]
This question already has an answer here:
I have created simple login form in php. There are two pages called login.html and login.php.login.html action page is login.php.admin has fixed username and password.when admin uses his password system should redirect to admin page.when user uses his password or username system should redirect to order.php page.
when user uses correct password and username system works properly. But problem is, when anyone use incorrect password or username system redirect to admin.php page. How can i fix this.i mentioned my php code below.
<?php
session_start();
$uname=$_POST['uname'];
$pwd=$_POST['pwd'];
$servername="localhost";
$username="root";
$password="";
$dbname="mid";
$conn=mysqli_connect($servername,$username,$password,$dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
else{
$sql="select * from reg where uname='$uname' and pwd='$pwd'";
$result = mysqli_query($conn, $sql);
$count = mysqli_num_rows($result);
if($count > 0){
header('Location:order.php');
}
elseif($uname="Admin" && $pwd="abc123"){
header('Location:admin.php');
}
else{
echo "incorrect";
}
}
?>
</div>
Your elseif condition doesn't check for equality using double equals (==) rather it uses the assignment operator (=) change the condition to
elseif($uname == "Admin" && $pwd == "abc123")
Look for what comparison operator you have used
Shouldn't it be '==' or '===' instead of '=' in elseif condition
By using '=' operator you are assigning value to variables and as assignment is successful it returns true which causes redirection to admin.php page
Try to change :
else{
echo "incorrect";
}
to
else{
header('Location:login.html');
}
or if you want get JS alert
else{
die('<script>alert('incorrect');location.href='login.html';</script>');
}
You have a syntax error in your code. The comparison operator is used incorrectly as an assignment operator. Use a == for comparison.
The code is corrected as below:
if($count > 0){
header('Location:order.php');
}
else if($uname == "Admin" && $pwd == "abc123"){
header('Location:admin.php');
}
else{
echo "incorrect";
}