1. 首页
  2. 问答
  3. 登录和注册系统

登录和注册系统

2016-07-14 261 views
1

我有一个小问题,我的登录&注册系统,但我不知道问题出在哪里。当我按“登录”或“注册”时,下一页是白色的。我只看到我的消息:“再试一次!”。我做了3 PHP文件:登录和注册系统

1)的index.php

<!DOCTYPE html> 
 
<html> 
 
<head> 
 
</head> 
 
<body> 
 
     <form action="logreg.php" metodh="post" accept-charset="utf-8"> 
 
\t <label>Username:</label><input type="text" name="username" placeholder="Username"> 
 
\t <br> 
 
\t <label>Password:</label><input type="password" name="password" placeholder="Password"> 
 
\t <br> 
 
\t <input type="submit" name="login" value="Login"> 
 
\t <input type="submit" name="register" value="Register"> 
 
     </form> 
 
\t  
 
</body> 
 
</html>

我认为这个问题是在未来的文件:

2)logreg.php

<?php 
 

 
$servername = "localhost"; 
 
$username = "alex"; 
 
$password = "calamar28"; 
 
$database = "register/login"; 
 

 
$conn = mysqli_connect($servername, $username, $password, $database); 
 

 
if(!$conn){ 
 
\t die("Connection failde:".mysqli_connect_error()); 
 
} 
 

 
if(isset($_POST["login"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "SELECT * FROM users WHERE username='$user' AND password='$pass';"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
\t $count = mysqli_num_rows($result); 
 
\t 
 
\t if ($count == 1) 
 
\t { 
 
\t \t header("Location: personal.php"); 
 
\t } 
 
\t else 
 
\t { 
 
\t \t echo "Username or password is incorrect!"; 
 
\t } 
 
\t 
 
} 
 
else if(isset($_POST["register"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$pass')"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
} 
 
else 
 
{ 
 
\t echo "Try again!"; 
 
} \t 
 
?>

3)personal.php

<?php 
 

 
if(isset($_POST["login"])){ 
 
\t echo "Welcome to you personal area !"; 
 
\t echo '<a href = "proiect4.php">Your proiect</a>'; 
 
} 
 
else 
 
{ 
 
\t echo "You are not logged in!"; 
 
} 
 
?>

来源

2016-07-14 Alex Costy

+6

错字在'form'标签 - 'metodh = “后”'。 – andrewsi

+0

用于mysqli的安全哈希密码的登录存根[此处](http://stackoverflow.com/a/33665819)。 PDO链接在底部。如果您在“where”子句中输入了密码,则表示您做错了(即:明文密码或定时攻击漏洞)。因此,作为试金石,如果在'where'条款中以任何方式*引用密码,则该系统设计得不好。 – Drew

+0

更不用提你的设置的整个SQL注入问题。看看它对这个人做了什么[这里](http://stackoverflow.com/questions/38297105/mysql-real-escape-string-not-working-for-this-specific-example-mysql-real-escap?noredirect = 1#comment64014116_38297105) – Drew

回答

1

您还需要设置一些会话变量通过携带到personal.php网页...这将有助于确定如果作为原始数据发布时将您重定向到该页面无法通过转移用户已经登录成功与否,你会需要你的logreg.php是以下几点:

<?php 
 
if (!isset($_SESSION)) {session_start();}  
 

 
$servername = "localhost"; 
 
$username = "alex"; 
 
$password = "calamar28"; 
 
$database = "register/login"; 
 

 
$conn = mysqli_connect($servername, $username, $password, $database); 
 

 
if(!$conn){ 
 
\t die("Connection failde:".mysqli_connect_error()); 
 
} 
 

 
if(isset($_POST["login"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "SELECT * FROM users WHERE username='$user' AND password='$pass';"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
\t $count = mysqli_num_rows($result); 
 
\t 
 
\t if ($count == 1) 
 
\t { 
 
       $_SESSION['loggedIn'] = 1; 
 
\t \t header("Location: personal.php"); 
 
\t } 
 
\t else 
 
\t { 
 
\t \t echo "Username or password is incorrect!"; 
 
\t } 
 
\t 
 
} 
 
else if(isset($_POST["register"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$pass')"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
} 
 
else 
 
{ 
 
\t echo "Try again!"; 
 
} \t 
 
?>

然后你personal.php页面会更改为以下:

<?php 
 
if (!isset($_SESSION)) {session_start();} 
 

 
if(isset($_SESSION["loggedIn"]) && ($_SESSION["loggedIn"] == 1)){ 
 
\t echo "Welcome to you personal area !"; 
 
\t echo '<a href = "proiect4.php">Your proiect</a>'; 
 
} 
 
else 
 
{ 
 
\t echo "You are not logged in!"; 
 
} 
 
?>

来源

2016-07-14 14:48:19 claudecompere

+0

谢谢,这帮了我很多! –

0

的默认方法对HTML表单是GET。并在您的HTML代码中写下metodh而不是方法。这将被忽略,然后你的方法会自动默认为GET。除此之外,您的PHP代码很好。 更改您的HTML代码,类似于下面,并预期应当一切正常:

<!DOCTYPE html> 
    <html> 
     <head> 
     </head> 
     <body> 
      <form action="logreg.php" method="post" accept-charset="utf-8"> 
       <label>Username:</label><input type="text" name="username" placeholder="Username"> 
       <br> 
       <label>Password:</label><input type="password" name="password" placeholder="Password"> 
       <br> 
       <input type="submit" name="login" value="Login"> 
       <input type="submit" name="register" value="Register"> 
     </form> 

    </body> 
    </html>

来源

2016-07-14 14:31:32 Poiz

 相关问题

  • 暂无相关问题^_^