首先,你在$_POST [密码]周围没有单引号:
$query = "SELECT * FROM teacher WHERE tremail='". $_POST['email'] ."' and trpasssword='" . $_POST['password'] . "'";
$result = mysqli_query($con, $query) or die(mysqli_error($con));
$flag = FALSE;
while ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$_SESSION['email'] = $row['email'];
$flag = TRUE;
}
但是过去,你甚至在这里设置了MySQL数据库连接吗?我看到$con但是真的有效吗?
另外,通过向mysqli_query($con,$query)行添加或消除(mysql_error($con))来检查是否存在错误.
此外,您有$_SESSION值,但是您甚至在脚本的开头设置了session_start吗?
但我还建议你使用mysqli_stmt_bind_param作为你的值,如果你不打算做基本的验证,至少要逃避它们:
$query = "SELECT * FROM teacher WHERE tremail=? and trpasssword=?";
mysqli_stmt_bind_param($query, 'ss', $_POST['email'], $_POST['password']);
$result = mysqli_query($con, $query) or die(mysqli_error($con));
$flag = FALSE;
while ($row = mysqli_fetch_array($result, MYSQLI_BOTH)) {
$_SESSION['email'] = $row['email'];
$flag = TRUE;
}