1. 首页
  2. 问答
  3. 登录脚本没有登录

登录脚本没有登录

2012-03-31 222 views
0

我无法将头围绕在oop上,所以我现在坚持使用程序编码。登录脚本没有登录

好吧,所以脚本的注册和auth部分工作,它记录在一个合适的位置,我不确定我的错误在哪里。

<?php 
include ('database_connection.php'); 
if (isset($_POST['formsubmitted'])) 
{ 
    // Initialize a session: 
    session_start(); 
    $error = array();//this aaray will store all error messages 
    if (empty($_POST['e-mail'])) 
    { 
    //if the email supplied is empty 
    $error[] = 'You forgot to enter your Email '; 
    } 
    else 
    { 
    if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) 
    { 
     $Email = $_POST['e-mail']; 
    } 
    else 
    { 
     $error[] = 'Your EMail Address is invalid '; 
    } 
    } 
    if (empty($_POST['Password'])) 
    { 
    $error[] = 'Please Enter Your Password '; 
    } 
    else 
    { 
    $Password = $_POST['Password']; 
    } 
    if (empty($error))//if the array is empty , it means no error found 
    { 
    $query_check_credentials = "SELECT * FROM users WHERE (email ='$Email' AND cpassword='$Password') AND code IS NULL"; 
    $result_check_credentials = mysqli_query($dbc, $query_check_credentials); 
    if(!$result_check_credentials) 
    { 
     //If the QUery Failed 
     echo 'Query Failed '; 
    } 
    if (@mysqli_num_rows($result_check_credentials) == 1) 
    //if Query is successfull A match was made. 
    { 
     $_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable 
     header("Location: page.php"); 
    } 
    else 
    { 
     $msg_error= 'Either Your Account is inactive or Email address /Password is Incorrect'; 
    } 
    } 
    else 
    { 
    echo '<div class="errormsgbox"> <ol>'; 
    foreach ($error as $key => $values) 
    { 
     echo '<li>'.$values.'</li>'; 
    } 
    echo '</ol></div>'; 
    } 
    if(isset($msg_error)) 
    { 
    echo '<div class="warning">'.$msg_error.' </div>'; 
    } 
    /// var_dump($error); 
    mysqli_close($dbc); 
} // End of the main Submit conditional. 



?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org /TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title>Login Form</title> 





<style type="text/css"> 
body { 
font-family:"Lucida Grande", "Lucida Sans Unicode", Verdana, Arial, Helvetica, sans-serif; 
font-size:12px; 
} 
    .registration_form { 
margin:0 auto; 
width:500px; 
padding:14px; 
} 
label { 
width: 10em; 
float: left; 
margin-right: 0.5em; 
display: block 
} 
.submit { 
float:right; 
} 
fieldset { 
background:#EBF4FB none repeat scroll 0 0; 
border:2px solid #B7DDF2; 
width: 500px; 
} 
legend { 
color: #fff; 
background: #80D3E2; 
border: 1px solid #781351; 
padding: 2px 6px 
} 
.elements { 
padding:10px; 
} 
p { 
border-bottom:1px solid #B7DDF2; 
color:#666666; 
font-size:11px; 
margin-bottom:20px; 
padding-bottom:10px; 
} 
a{ 
color:#0099FF; 
font-weight:bold; 
} 

/* Box Style */ 


.success, .warning, .errormsgbox, .validation { 
border: 1px solid; 
margin: 0 auto; 
padding:10px 5px 10px 60px; 
background-repeat: no-repeat; 
background-position: 10px center; 
font-weight:bold; 
width:450px; 

} 

.success { 

color: #4F8A10; 
background-color: #DFF2BF; 
background-image:url('images/success.png'); 
} 
.warning { 

color: #9F6000; 
background-color: #FEEFB3; 
background-image: url('images/warning.png'); 
} 
.errormsgbox { 

color: #D8000C; 
background-color: #FFBABA; 
background-image: url('images/error.png'); 

} 
.validation { 

color: #D63301; 
background-color: #FFCCBA; 
background-image: url('images/error.png'); 
} 



</style> 

    </head> 
    <body> 


    <form action="login.php" method="post" class="registration_form"> 
<fieldset> 
<legend>Login Form </legend> 

    <p>Enter Your username and Password Below </p> 

    <div class="elements"> 
    <label for="name">Email :</label> 
    <input type="text" id="e-mail" name="e-mail" size="25" /> 
    </div> 

    <div class="elements"> 
    <label for="Password">Password:</label> 
    <input type="password" id="Password" name="Password" size="25" /> 
    </div> 
    <div class="submit"> 
    <input type="hidden" name="formsubmitted" value="TRUE" /> 
    <input type="submit" value="Login" /> 
    </div> 
    </fieldset> 
    </form> 
    Go Back to <a href="#">Account Verification on sign up</a> 
    </body> 
    </html>

我不确定是否需要从数据库发布sql字段。 我知道会员页面有这样的:

<?php 
ob_start(); 
session_start(); 
if(!isset($_SESSION['Username'])){ 
    header("Location: login.php"); 
} 


?>

我不知道那里的用户名是从哪里来的,我也不把它在我的分贝。我试过把它改成我有的领域,但没有运气。

来源

2012-03-31 BBuchanan

+2

哇,试试只发布相关的代码示例,而不是整个文件... – Michal 2012-03-31 12:51:32

+0

它给了什么错误? – 2012-03-31 12:59:55

+1

你不应该用这种方式覆盖$ _SESSION Global'$ _SESSION = mysqli_fetch_array',你应该循环访问sql结果并特别添加你的会话密钥/值。还有'header(“Location:login.php”)之后的任何代码;''将被执行,你需要添加die;标题重定向后 – 2012-03-31 13:01:24

回答

0

首先:你应该逃避mysql的输入。

$query_check_credentials = "SELECT * FROM users WHERE (email ='$Email' AND cpassword='$Password') AND code IS NULL";

应该

$query_check_credentials = "SELECT * FROM users WHERE (email =".mysqli_real_escape_string($Email)." AND cpassword=".mysqli_real_escape_string($Password).") AND code IS NULL";

其次,我敢肯定,你不应该做

$_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);

反倒是像

$_SESSION['userdata'] = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);

的$ _SESSION [ '用户名']可能来自一些较早的代码t帽子确实设置了它。

来源

2012-03-31 13:08:57 LasseValentini

+0

因此,如果我将 $ _SESSION ['userdata'] 设置为db中的匹配字段,它应该工作吗?或者我应该具体领域? 要获得用户ID,我有两个其他领域之前。具体来说: innittime,id,cid 其中innittime是指定给后台服务器的,id是隐藏的每个成员的隐藏id,cid是他们需要登录的特定id。 – BBuchanan 2012-04-01 01:49:45

+0

在我的例子中,id在$ _SESSION ['userdata'] ['id']'中。 – LasseValentini 2012-04-02 08:39:34

0

好了,这是一个长镜头,它可能需要一些有得到它的工作摆弄周围,但也许尝试改变

if (@mysqli_num_rows($result_check_credentials) == 1) 
//if Query is successfull A match was made. 
{ 
    $_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable 
    header("Location: page.php"); 
} 


if (@mysqli_num_rows($result_check_credentials) == 1) 
//if Query is successfull A match was made. 
{ 
    session_register("userdata"); 
$_SESSION['userdata'] = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable 
    header("Location: page.php"); 
}

,然后,在成员页面,请尝试更改

ob_start(); 
session_start(); 
if(!isset($_SESSION['Username'])){ 
    header("Location: login.php"); 
} 


ob_start(); 
session_start(); 
if(!isset($_SESSION['Username']) && !isset($_SESSION['userdata'])){ 
    header("Location: login.php"); 
}

来源

2012-04-02 10:19:19 Goldentoa11

+0

非常感谢 – BBuchanan 2012-04-05 04:12:45

相关问题

 相关问题