时间戳

首页 > 解决方案 > 如何使用单一登录表单从 sql 中的两个不同表中获取数据

php - 如何使用单一登录表单从 sql 中的两个不同表中获取数据

问题描述

我在 SQL 中制作了两个表。第一个是登录表,第二个是注册表。在登录表中,我插入了一行用户 admin 和密码 admin,当我登录时它可以工作。但现在我想从注册表登录。我的意思是如果一个已经注册的用户想要登录他怎么能做到???

以下是我的代码,请帮助我。当我尝试以注册用户身份登录时,它显示错误“无效的用户名或密码”:

<?php 
include('../dbcon.php');  //Database connection included
if (isset($_POST['login'])) {

    $username = $_POST['uname'];       //data of login table in sql
    $password = $_POST['password'];
    $qry = "SELECT * FROM `login` WHERE `uname`='$username' AND `password`='$password' ";
    $run = mysqli_query($dbcon,$qry);
    $row = mysqli_num_rows($run);
    if ($row<1) 
    {
        echo "invalid usernaem or password";
    }
    else
    {

        $data = mysqli_fetch_assoc($run);
        $id  = $data['id'];
        echo "Your Id is " .$id;
    }
}
else
{
    if (isset($_POST['login'])) {       //for the  data of registraion table in sql
        $username = $_POST['uname'];
        $password = $_POST['password'];
        $qry = "SELECT * FROM `registration` WHERE `uname`= '$username' OR `email`='$email' AND `password` = '$password' ";
        $run = mysqli_query($dbcon,$qry);
        $row = mysqli_num_rows($run);
        if ($row<1) 
        {
            echo "password is incorrect";
        }
        else
        {
            $data = mysqli_fetch_assoc($run);
            $id  = $data['id'];
            echo "Your Id is " .$id;
        }

    }
}

?>

标签: phpsqlloginphpmyadmin

解决方案

当查询没有找到任何东西时,您需要查询该registration表。login

<?php 
include('../dbcon.php');  //Database connection included
if (isset($_POST['login'])) {

    $username = $_POST['uname'];       //data of login table in sql
    $password = $_POST['password'];
    $qry = "SELECT * FROM `login` WHERE `uname`='$username' AND `password`='$password' ";
    $run = mysqli_query($dbcon,$qry);
    $row = mysqli_num_rows($run);
    if ($row<1) 
    {
        // not an admin, check registration table
        $email = $_POST['email'];
        $qry = "SELECT * FROM `registration` WHERE (`uname`= '$username' OR `email`='$email') AND `password` = '$password' ";
        $run = mysqli_query($dbcon,$qry);
        $row = mysqli_num_rows($run);
        if ($row<1) 
        {
            echo "password is incorrect";
        }
        else
        {
            $data = mysqli_fetch_assoc($run);
            $id  = $data['id'];
            echo "Your Id is " .$id;
        }
    }
    else
    {
        $data = mysqli_fetch_assoc($run);
        $id  = $data['id'];
        echo "Your Id is " .$id;
    }
}
?>

您还应该学习使用准备好的语句而不是将变量替换到 SQL 中,以防止 SQL 注入。请参阅如何防止 PHP 中的 SQL 注入?. 您应该使用password_hash()andpassword_verify()而不是在数据库中存储明文密码。

推荐阅读