我正在尝试在我的托管网页上创建一个简单的登录系统。我有一个使用 phpMyAdmin 创建的 MySQL 数据库和表。数据库、HTML 和 PHP 文件托管在同一台服务器上。我能够添加用户,帐户信息出现在表中。问题在于登录。我总是收到“登录失败错误”。我用过的教程是located here .我检查并重新检查了错误输入,我认为这不是问题所在。我认为该问题与 fetchColumn()
命令有关。根据我的研究,这个命令抓取下一行,这对我来说没有意义,因为用户名、密码和用户 ID 都位于同一行,只是不同的列。
这是用户提交信息的表单,然后调用登录脚本。下面的代码中有两种形式;第一种形式在这个问题中很重要。
<?php
/*** begin our session ***/
session_start();
/*** set a form token ***/
$form_token = md5( uniqid('auth', true) );
/*** set the session form token ***/
$_SESSION['form_token'] = $form_token;
?>
<html>
<head>
<title>Log In Page</title>
<link rel="stylesheet" type="text/css" href="formstyle.css">
</head>
<header>
Log In Page
</header>
<body>
<h2>Log In</h2>
<form action="login_submit.php" method="post">
<fieldset id="forms" >
<p>
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" maxlength="20"/>
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="password" value="" maxlength="20"/>
</p>
<p>
<input type="submit" value="Login"/>
</p>
</fieldset>
</form>
<h2>Create Account</h2>
<form action="adduser_submit.php" method="post">
<fieldset id="forms" >
<p>
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" maxlength="20"/>
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="password" value="" maxlength="20"/>
</p>
<p>
<input type="hidden" name="form_token" value="<?php echo $form_token; ?>" />
<input type="submit" value="Sign Up"/>
</p>
</fieldset>
</form>
</body>
</html>
这是 login_submit 脚本。
<?php
/*** begin our session ***/
session_start();
/*** check if the user is already logged in ***/
if(isset( $_SESSION['userID'] ))
{
$message = 'User is already logged in';
}
/*** check that both the username and password have been submitted ***/
if(!isset( $_POST['username'], $_POST['password']))
{
$message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
} `enter code here`
/*** check the password is the correct length ***/
elseif (strlen( $_POST['password']) > 20 || strlen($_POST['password']) < 4)
{
$message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['username']) != true)
{
/*** if there is no match ***/
$message = "Username must be alpha numeric";
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
/*** now we can encrypt the password ***/
$password = sha1( $password );
/*** connect to database ***/
/*** mysql hostname ***/
$mysql_hostname = 'localhost';
/*** mysql username ***/
$mysql_username = 'neticl5';
/*** mysql password ***/
$mysql_password = 'corrupted707';
/*** database name ***/
$mysql_dbname = 'neticl5_apptest';
try
{
$dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
/*** $message = a message saying we have connected ***/
/*** set the error mode to excptions ***/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** prepare the select statement ***/
$stmt = $dbh->prepare('SELECT userID, username, password FROM useraccounts
WHERE username = :username AND password = :password');
/*** bind the parameters ***/
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR, 40);
/*** execute the prepared statement ***/
$stmt->execute();
/*** check for a result ***/
$userID = $stmt->fetchColumn();
/*** if we have no result then fail boat ***/
if($userID == false)
{
$message = 'Login Failed';
}
/*** if we do have a result, all is well ***/
else
{
/*** set the session user_id variable ***/
$_SESSION['userID'] = $userID;
/*** tell the user we are logged in ***/
$message = 'You are now logged in';
}
}
catch(Exception $e)
{
/*** if we are here, something has gone wrong with the database ***/
$message = 'We are unable to process your request. Please try again later';
}
}
?>
<html>
<head>
<title>Log In</title>
</head>
<body>
<p><?php echo $message; ?></p>
</body>
</html>
最佳答案
我已经回答了我自己的问题。数据库中的密码字段未设置为正确的长度。用户字段要求最大为 20。数据库中的字段需要设置为正确的加密限制。
关于php - 使用 PHP 和 MYSQL 创建登录脚本,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26824685/