这是我的php代码:
<html>
<head>
<title>logincheck</title>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
</head>
<?php
$input=$_POST;
$link=mysqli_connect('localhost','root','123456789','news');
if(!$link) die('Connect Error:'.mysqli_connect_error());
$sql="select username,password from login where username = '{$input['username']}' and password = '{$input['password']}'";
$result = mysqli_query($link,$sql);
if(!$result) die('Query Error:'.$SQL);
$num = mysqli_num_rows($result);
if($num){
$row = mysqli_fetch_array($result,MYAQLI_ASSOC);
echo "欢迎您,$row[0]";
}else{
echo" <script>alert('用户名或密码不正确');history.go(-1);</script>";
}
?>
</html>
使用var_dump($sql);后显示string(73)"select username,password from login where username=''and password=''",是因为post传值没有传过来么?
追答在这句$input=$_POST;后面使用:
var_dump($input);看看输出
