php:表单仍然在无效表单上提交

i got a problem on my validation script using php; when the user only fills out username form and emptied the password it still logs the user in it should show the user that the password field is blank error. i'm kinda new to php and i'm hoping you can help me. thanks!

here's my code for checking login

<?php
$usernameErr = $passwordErr = "";
$username = $password = "";

if ($_SERVER["REQUEST_METHOD"] == "POST")
{

   if (empty($_POST['username']))
     {$usernameErr = "Username is required.";}
   else
     {$username =($_POST['username']);}

   if (empty($_POST['password']))
     {$passwordErr = "Password is required.";}
   else
     {$password =($_POST['password']);}
}
?>

<body>
<div id="header" align="center">
<h1>PT. Sumber Urip Alfindo</h1>
</div>
<br/>
<div id="content" align="center">
<form id="login" name="login" method="post" action="checklogin.php">
<table>
<tr>
<td>Username</td>
<td></td>
<td><input name="username" type="text" id="username"><span class="error"><?php echo $usernameErr;?></span></td>
</tr>
<tr>
<td>Password</td>
<td></td>
<td><input name="password" type="password" id="password"><span class="error"><?php echo $passwordErr;?></span></td>
</tr>
<tr>
<td colspan="3" align="center"><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</form>

<?php
$sql="SELECT * FROM $tbl_name WHERE usrname='$username'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);

if($count==1 && $username="admin")
{
header("location:mainadmin.php");
}

else if($count==1)
{
header("location:main.php");
}

else
{
echo "Wrong username or password";
}
?>

我的验证脚本使用php时出现问题; 当用户只填写用户名表格并清空密码时,它仍然记录用户在其中应该向用户显示密码字段为空白错误。 我是一个新的PHP,我希望你能帮助我。 谢谢! p>

这是我的检查登录的代码 p>

 &lt;?php 
 $ usernameErr = $ passwordErr =“”; 
  $ username = $ password =“”; 
 
if($ _SERVER [“REQUEST_METHOD”] ==“POST”)
 {
 
 if(empty($ _ POST ['username']))
 {  $ usernameErr =“用户名是必需的。”;}} 
其他
 {$ username =($ _ POST ['username']);} 
 
 if(empty($ _ POST ['password']))
  {$ passwordErr =“密码是必需的。”;}} 
其他
 {$ password =($ _ POST ['password']);} 
} 
?&gt; 
 
&lt; body&gt; 
&lt;  div id =“header”align =“center”&gt; 
&lt; h1&gt; PT。  Sumber Urip Alfindo&lt; / h1&gt; 
&lt; / div&gt; 
&lt; br /&gt; 
&lt; div id =“content”align =“center”&gt; 
&lt; form id =“login”name =“login”  method =“post”action =“checklogin.php”&gt; 
&lt; table&gt; 
&lt; tr&gt; 
&lt; td&gt;用户名&lt; / td&gt; 
&lt; td&gt;&lt; / td&gt; 
&lt; td&gt;&lt;  ;输入名称=“用户名”type =“text”id =“username”&gt;&lt; span class =“error”&gt;&lt;?php echo $ usernameErr;?&gt;&lt; / span&gt;&lt; / td&gt;  
&lt; / tr&gt; 
&lt; tr&gt; 
&lt; td&gt;密码&lt; / td&gt; 
&lt; td&gt;&lt; / td&gt; 
&lt; td&gt;&lt;输入名称=“密码”type =“password”id  =“password”&gt;&lt; span class =“error”&gt;&lt;?php echo $ passwordErr;?&gt;&lt; / span&gt;&lt; / td&gt; 
&lt; / tr&gt; 
&lt; tr&gt; 
&lt;  ; td colspan =“3”align =“center”&gt;&lt; input type =“submit”name =“submit”value =“Login”&gt;&lt; / td&gt; 
&lt; / tr&gt; 
&lt; / table&gt  ; 
&lt; / form&gt; 
 
&lt;?php 
 $ sql =“SELECT * FROM $ tbl_name WHERE usrname ='$ username'”; 
 $ result = mysql_query($ sql); 
 $ count =  mysql_num_rows($ result); 
 
if($ count == 1&amp;&amp; $ username =“admin”)
 {
header(  “location:mainadmin.php”); 
} 
 
如果($ count == 1)
 {
header(“location:main.php”); 
} 
 
else 
 {\  necho“用户名或密码错误”; 
} 
?&gt; 
  code>  pre> 
  div>


 4 条回答

php