?php
session_start();
if(isset($_SESSION["manager"])){
header("location:index.php");
exit();
}
?>
<?php
//Parse the lg in from if the user has filled it out and pressed"log in"
if(isset($_POST["username"])&&isset($_POST["password"])){
$manager = preg_replace('#[^A-Za-z0-9]#i',$_POST["username"]);
$password = preg_replace('#[^A-Za-z0-9]#i',$_POST['password']);
//connect to the Mysql database
include"../Storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager'AND password='$password'LIMIT1");//query the person
//....MAKE SURE PERSON EXISTS IN DATABASE........
$existCount=mysql_num_rows($sql);
if($existCount==1){
while($row=mysql_fetch_array($sql)){
$id=$row["id"];
}
$_SESSION["id"]=$id;
$_SESSION["manager"]=$manager;
$_SESSION["password"]=$password;
header("location:index.php");
exit();
}else{
echo'That information is incorrect,try again <a href="index.php> Click Here </a>';
exit();
}
}
?>
ผลลัพธ์
Warning: Wrong parameter count for preg_replace() in C:\AppServ\www\OnlineStore\Storeadmin\admin_login.php on line 12
Warning: Wrong parameter count for preg_replace() in C:\AppServ\www\OnlineStore\Storeadmin\admin_login.php on line 13
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\AppServ\www\OnlineStore\Storeadmin\admin_login.php on line 18
That information is incorrect,try again
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager'AND password='$password'LIMIT1");
$result = mysql_query($sql);
$existCount=mysql_num_rows($result);
if($existCount==1){
while($row=mysql_fetch_array($result)){
Load balance : Server 03
