我的问题是,当我提交登录表单时,脚本显示“用户不存在”,即使它确实存在于我的数据库中。
工作正常:如果未设置任何输入字段,它会正确打印“填写两个输入字段”。
PHP脚本
<?
if(isset($_POST['login'])){////4
$hostname = "localhost";
$data_username = "xxxxx"; //database username
$data_password = "xxxxx"; //database password
$data_basename = "xxxxx"; //database name
$conn = mysql_connect("".$hostname."","".$data_username."","".$data_password."");
mysql_select_db("".$data_basename."") or die(mysql_error());
$lastvisit = date("d-m-Y H:i:s");
if(isset($_POST['username']) && !empty($_POST['username']) AND isset($_POST['password']) && !empty($_POST['password'])) {///3
$check_user_data = mysql_query("SELECT * FROM so_users WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) !== 0){ //// 2
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){//// 1
if (isset($_POST['rememberme'])) {
/* Set cookie to last 1 year */
setcookie('username', $_POST['username'], time()+60*60*24*365, '/projekter/smartorder', 'www.xxxxx.dk');
setcookie('password', $_POST['password'], time()+60*60*24*365, '/projekter/smartorder', 'www.xxxxx.dk');
setcookie('usertype', $get_user_data['usertype'], time()+60*60*24*365, '/projekter/smartorder', 'www.xxxxx.dk');
mysql_query("UPDATE so_users SET visits=visits+1 WHERE username='$username'");
mysql_query("UPDATE so_users SET lastvisit='$lastvisit' WHERE username='$username'");
} else {
/* Cookie expires when browser closes */
setcookie('username', $_POST['username'], false, '/projekter/smartorder', 'www.xxxxx.dk');
setcookie('password', $_POST['password'], false, '/projekter/smartorder', 'www.xxxxx.dk');
setcookie('usertype', $get_user_data['usertype'], false, '/projekter/smartorder', 'www.xxxxx.dk');
mysql_query("UPDATE so_users SET visits=visits+1 WHERE username='$username'");
mysql_query("UPDATE so_users SET lastvisit='$lastvisit' WHERE username='$username'");
}
header('Location: index.php');
}//// 1
else { $msg = 'Incorrect password<br><div class="border"></div><br>'; }
}/// 2
else { $msg = 'User does not exist!<br><div class="border"></div><br>'; }
}/// 3
else { $msg = 'You must fill out both fields!<br><div class="border"></div><br>'; }
}/// 4
?>
HTML 格式:
<form class="boxCont" method="POST">
<?php echo '<div class="statusmsg">'.$msg.'</div>'; ?>
<div>
<label for="userName">Username</label>
<input id="username" type="text" name="username" placeholder="Please enter your username here" />
</div>
<br>
<div>
<label for="password">Password</label>
<input id="password" type="password" name="password" placeholder="And your password here" />
</div>
<div>
<label>
<input type="checkbox" id="login" name="login" value="Login" style="margin-top:32px;"/> Remember me
</label>
<input type="submit" id="login" name="login" value="Login" class="btn right" />
</div>
<div class="border"></div>
<div style="font-size: 12px; margin-left:124px; color: #888888;">
Arent't user yet? Register <a href="/projekter/smartorder/signup" style="color: #555555; font-weight: bold;">here</a>
</div>
</form>
最佳答案
你没有在任何地方设置 $username 的值(除非你打开了 register_globals,在这种情况下......稍后会详细介绍),所以你的查询结果如下:
SELECT * FROM so_users WHERE `username` = ''
^--look mom, no username!
如果您确实打开了register_globals,那么我建议您立即关闭您的网络服务器并阅读PHP 站点上的文档以了解为什么register_globals。是有史以来被放到公共(public)互联网上的最大的愚蠢行为。
看到这样的构造:
mysql_select_db("".$data_basename."") or die(mysql_error());
^^-- huh? ^^^-- double-huh?
建议一定数量的 cargo 崇拜编程。
关于php - 需要帮助用 cookie 完成登录脚本,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/11126113/