There is a site where you need to make an authorization form. It should check the presence of this user in MySQL using the login and password entered by him. There is a table users, and in it columns id, login, password. I wrote a code defining the number of id, where the login column is equal to the login entered by the user, and the password column is equal to the password entered by the user and encrypted md5 (because the passwords in the table are already stored in encrypted form). If the number of id is not zero, then we should be transferred to another page, but this does not happen ... Help, please, solve the problem. I think that the problem may be in header e or in a sample from the database. (PS - session is used in the code) Here is the code itself:

 <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>Авторизация</title> <link rel="stylesheet" href="style.css"> </head> <body> <?php session_start(); $mysqli = new mysqli("domen", "login", "password", "DB"); if(isset($_POST["send"])){ $login = htmlspecialchars($_POST["login"]); $pswrd = htmlspecialchars($_POST["password"]); $_SESSION["login"] = $login; $_SESSION["pswrd"] = $pswrd; $error_login = ""; $error_pswrd = ""; $error_auth = ""; if (strlen($login) == 0) { $error_login = "Введите login"; } if (strlen($pswrd) == 0) { $error_pswrd = "Введите пароль"; } if ($mysqli->query("SELECT count(`id`) FROM `users` WHERE `login`='$login' AND `password`='".md5("$pswrd")."' ") != 0) { header("Location: http://www.pupok.ru/Devices/show.php"); } else { $error_auth = "Учетная запись с таким логином не существует"; } } ?> <form name="feedback" action="" method="post"> <label>Введите ваш логин</label><br> <input type="text" name="login" placeholder="Ваш логин" value="<?=$_SESSION["login"]?>"> <span style="color:red"><?=$error_login?></span><br> <label>Введите ваш пароль</label><br> <input type="password" name="password" placeholder="Ваш пароль" value="<?=$_SESSION["pswrd"]?>"> <span style="color:red"><?=$error_pswrd?></span> <span style="color:red"><?=$error_auth?></span><br> <input type="submit" name="send" value="Отправить"> </form> </body> </html>

    1 answer 1

    $ mysqli-> query does not return a result. You need to select the result and compare the result.

     if ($myquery = $mysqli->query("SELECT count(`id`) as cnt FROM `users` WHERE `login`='$login' AND `password`='".md5("$pswrd")."' ") != 0) { if ($row = $myquery->fetch_assoc() && $row['cnt']>0) { header("Location: http://www.pupok.ru/Devices/show.php"); } }