php - 为什么这个登录表单代码不起作用?

标签 php html mysql forms pdo

<分区>

我从星期四晚上开始就在做这件事,但我不知道我做错了什么。我正在尝试创建一个简单的登录表单。我有用户和管理员。当我尝试以用户身份登录时,它说用户的用户名和密码无效,即使我的密码和用户名是正确的。任何帮助提前感谢。

<?php

include 'Fonctions/fonctions.php';
teteHtml("Login");
enTete($messageErreur);

//store the values found in SESSION
$username = "";
$password = "";
$loginError = "";
if (isset($_POST["login"])) {
    createCookie();
    echo $loginError;
} else {
    if (isset($_POST["deconnexion"])) {
        deleteCookie();
    }
}

function createCookie() {
    //if (isset($_POST["uname"], $_POST["psw"])) {
    if (isset($_POST["login"])) {
        //check if the system is lock
        if (isset($_SESSION["login_error"]) && $_SESSION["login_error"] >= 3) {
            die("Plusieurs essaies sont interdits!");
        } else {


            $connection = getDatabaseConnection();


            $salted = "wrntjkhn4wervfmm" . $_POST["password"] . "wo2i45djk";
            $hashed = hash('sha512', $salted);


            $stmt = $connection->prepare("CALL login(?,?)");
            $stmt->bindParam(1, $_POST["username"]);
            $stmt->bindParam(2, $hashed);
            //echo json_encode($stmt->errorInfo());
            // call the stored procedure
            $stmt->execute();


            if ($row = $stmt->fetch()) {
                $_SESSION["username"] = $row["username"];
            } else if ($_POST["username"] == "admin" && $_POST["password"] == "admin") {
                $_SESSION["username"] = "admin";
            } else {
                if (isset($_SESSION["login_error"])) {
                    echo $_SESSION["login_error"] . "jjjj";
                    $_SESSION["login_error"] ++;
                } else {
                    $_SESSION["login_error"] = 1;
                }
                if ($_SESSION["login_error"] >= 3) {
                    echo "you put 3 times wrong password.";
                }
                //echo gettype($_SESSION["login_error"]). ($_SESSION["login_error"] >= 3);
                die("password and username are invalid");
            }
        }
    }
}

function deleteCookie() {
    //$_SESSION["uname"] = "";
    session_destroy();

    //refresh the page
    //header("Location: Mon_compte.php");
}

include 'html/login.html';

?>

    <form  method="POST"  action="login.php">

      <label><b>Username</b></label>
      <input type="text" placeholder="Enter Username" name="username" required>

      <label><b>Password</b></label>
      <input type="password" placeholder="Enter Password" name="password" required>

      <button type="submit" name="login">Login</button>
      <!--<input type="checkbox" checked="checked"> Remember me-->
      <span id="error_connection"></span>

      <span class="psw">Forgot <a href="#">password?</a></span>

  </form>

BEGIN
select username, password from users
    where username = p_username and password = p_password;
END

最佳答案

mySql 数据库/表

数据库名称 - 登录

表名 - 用户

表格列 -

id(primary_key) | username | passcode

DBConnection.php

<!-- Fill in the data below with your appropriate data -->

<?php
   define('server', 'localhost:3036');
   define('username', 'root');
   define('password', 'root_password');
   define('database_name', 'login');
   $db = mysqli_connect(server, username, password, database_name);
?>

登录.php

<?php
   include("DBConnection.php");
   session_start();

   if($_SERVER["REQUEST_METHOD"] == "POST") {         
      $myusername = mysqli_real_escape_string($db,$_POST['username']);
      $mypassword = mysqli_real_escape_string($db,$_POST['password']); 
      $sql = "SELECT id FROM users WHERE username = '$myusername' and passcode = '$mypassword'";
      $result = mysqli_query($db,$sql);
      $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
      $active = $row['active'];
      $count = mysqli_num_rows($result);

      if($count == 1) {
         session_register("myusername");
         $_SESSION['login_user'] = $myusername;
         header("location: welcome.php");
      }else {
         $error = "Your Login Name or Password is invalid";
      }
   }
?>
<html>
   <head>
      <title>Login Page</title>
   </head>
   <body>
      <div align = "center">
         <div>Login</div>   
         <form action = "" method = "post">
             <label>UserName  :</label><input type = "text" name = "username" class = "box"/><br /><br />
             <label>Password  :</label><input type = "password" name = "password" class = "box" /><br/><br />
             <input type = "submit" value = " Submit "/><br />
         </form>
         <div><?php echo $error; ?></div>
      </div>
   </body>
</html>

Session.php

<?php
   include('DBConnection.php');
   session_start();

   $user_check = $_SESSION['login_user'];

   $ses_sql = mysqli_query($db,"select username from users where username = '$user_check' ");

   $row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);

   $login_session = $row['username'];

   if(!isset($_SESSION['login_user'])){
      header("location:Login.php");
   }
?>

欢迎.php

<?php
   include('Session.php');
?>
<html>     
   <head>
      <title>Welcome </title>
   </head>
   <body>
      <h1>Welcome <?php echo $login_session; ?></h1> 
      <h2><a href = "Logout.php">Sign Out</a></h2>
   </body>
</html>

Logout.php

<?php
   session_start(); 
   if(session_destroy()) {
      header("Location: Login.php");
   }
?>

关于php - 为什么这个登录表单代码不起作用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46015046/

上一篇:php - 如何将ID添加到另一个表?

下一篇:php - 数据库连接显示错误

相关文章:

java - 无法加载 MySQL JDBC 驱动程序

mysql - 防止根据记录日期在查询中加入较旧的日期记录

HTML 如果不是 IE 8 或更低版本

javascript - 是否可以仅使用客户端脚本在定义的列数中显示结果数组?

javascript - 隐藏所有文章并在我们单击下一步并预览时按 5 乘 5 显示它们

php - 更改magento结帐页面中的文本框-要编辑哪个页面?

PHP 如何编辑我刚刚创建的数据库条目? (基本的)

php - 当文件不存在时,我需要停止循环

php - 从 UploadiFive 向 Codeigniter Controller 发送数据

javascript - 使用 AJAX 时,我应该在 .php 中重命名我的 .html 吗?

©2024 IT工具网  联系我们