if ($result['password']==$password)
改成$res['password']试试
其实你2条查询为什么不写在一起?
$result=mysql_query("select * from tab1 where alias='$name' and password=‘$password’");
$con=mysql_connect("localhost","root","odps") or die (mysql_error);
mysql_select_db("odps",$con);
$name=$_POST['username'];
$password=$_POST['password'];
$result=mysql_query("select * from tab1 where alias='$name' and password=‘$password’");
$res=mysql_fetch_array($result);
if (mysql_num_rows($result)){
if ($result['password']==$password)
{
echo "Welcome!"; }
else
{echo "the password is wrong!";}
}
else{
echo "the username hasn't has!";
}
?>
进mysql需要mysql_escape_string转换一下:
$result=mysql_query("select * from tab1 where alias='mysql_escape_string($_POST['username'])'");
$result2=mysql_query("select * from tab1 where password='mysql_escape_string($_POST['password'])'");
内容全部来源于网络收集,如有侵权,请联系网站删除:QQ:24596024