Thinkphp member logon problems

Thinkphp member logon problems

 Query ("select * from developers where username = ". $ POST ['username']. "and password = ". $ _ POST ['password']. ""); if ($ select) {$ _ SESSION ['admin'] =$ _ POST ['username']; $ this-> redirect ('index/Index ', '', 2, 'user '. $ _ POST ['username']. 'logon successful! ');} Else {$ this-> redirect ('index/Index', '', 2, 'incorrect username or password ');}} else {$ this-> redirect ('index/Index', '', 2, 'user name or password cannot be blank! ') ;}$ This-> display () ;}}?>

This is the AdminAction code. I don't know what's going on. no matter what you enter or do not enter anyone, it prompts that the user name or password is incorrect. why? What's the problem?

Reply to discussion (solution)

Check whether the SQL statement query results in the database are correct.

Are you sure your SQL is correct ??

"select * from developers where username='".$POST['username']."' and password='".$_POST['password']."'"

Are you sure your SQL is correct ??

"select * from developers where username='".$POST['username']."' and password='".$_POST['password']."'"

I changed it to you, but there was a new problem, that is, nothing to fill in, the user login is successful, and then no matter what is entered is the user name or password is incorrect. This... What's going on?

Add echo $ db-> getLastSql (); exit after the query operation. print the SQL statement and you will know the result.

Add echo $ db-> getLastSql (); exit after the query operation. print the SQL statement and you will know the result.
I found the problem using this method. no matter what I enter, the username cannot be printed, and the password is OK. What is the problem? No error found.

Add echo $ db-> getLastSql (); exit after the query operation. print the SQL statement and you will know the result.
I found the problem using this method. no matter what I enter, the username cannot be printed, and the password is OK. What is the problem? No error found.
Is the name attribute in the form incorrect?

Add echo $ db-> getLastSql (); exit after the query operation. print the SQL statement and you will know the result.
I found the problem using this method. no matter what I enter, the username cannot be printed, and the password is OK. What is the problem? No error found.
Is the name attribute in the form incorrect?
Of course, it cannot be wrong... How can we make such a low-level mistake...

Add echo $ db-> getLastSql (); exit after the query operation. print the SQL statement and you will know the result.
I found the problem using this method. no matter what I enter, the username cannot be printed, and the password is OK. What is the problem? No error found.
Is the name attribute in the form incorrect?
Of course, it cannot be wrong... How can we make such a low-level mistake...

Your password does not have MD5?

Is it md5 in the database? no md5 in the query?

You can print $ _ POST directly to see if there is any username.

You can print $ _ POST directly to see if there is any username.

First, the password is md5. The database also has md5. The username is still not printed directly. The password can be printed, that is, the username cannot be printed.

First obtain the post value, then output the SQL statement, and then run the SQL statement to check whether the result set is returned.

Check the browser cookie

Username = '". $ POST ['username']."'
No problems found
Username = '". $ _ POST ['username']."'

Are you sure your SQL is correct ??

"select * from developers where username='".$POST['username']."' and password='".$_POST['password']."'"

I'm dizzy. you don't even point it out. they didn't find it either. you don't know it until now ....
It should be $ select = $ db-> query ("select * from developers where username = ". $ _ POST ['username']. "and password = ". $ _ POST ['password']. "");

Are you sure your SQL is correct ??

"select * from developers where username='".$POST['username']."' and password='".$_POST['password']."'"

I'm dizzy. you don't even point it out. they didn't find it either. you don't know it until now ....
It should be $ select = $ db-> query ("select * from developers where username = ". $ _ POST ['username']. "and password = ". $ _ POST ['password']. "");


Username = '". $ _ POST ['username']."' must be enclosed in single quotes.