2011-12-10 137 views
-1

因此,我正在學習如何爲我正在製作的網站製作一個簡單的登錄系統,並且出現此錯誤。簡單登錄系統問題

說明:未定義的常量名爲myUsername的使用 - 在/home/dkitterm/public_html/index.php假定 '名爲myUsername' 在第4行

這些線3-6。

這也是我的支票登錄頁面。

 <?php 

    $host="localhost"; 
    $username="dkitterm"; 
    $password=""; 
    $db_name=""; 
    $tbl_name="members"; 

    //connect to server and db 
    mysql_connect("$host", "$username", "$password") or die("Server Down"); 
    mysql_select_db("$db_name") or die("cannot select DB"); 

    //username and password sent from form 
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword']; 

    //debunk 
    $myusername = stripslashes($myusername); 
    $mypassword = stripslashes($mypassword); 
    $myusername = mysql_real_escape_string($myusername); 
    $mypassword = mysql_real_escape_string($mypassword); 

    //encrypt password 
    $encrypted_mypassword=md5($mypassword); 


    $sql="SELECT * FROM members WHERE login='$myusername' and password='$encrypted_mypassword'"; 
    $result=mysql_query($sql); 

    // Mysql_num_row is counting table row 
    $count=mysql_num_rows($result); 
    // If result matched $myusername and $mypassword, table row must be 1 row 

    if($count==1){ 
    // Register $myusername, $mypassword and redirect to file     "login_success.php" 
    session_register("myusername"); 
    session_register("mypassword"); 
    header("location: index.php"); 
    } 
    else { 
    echo "Wrong Username or Password"; 
    } 
    ?> 
+0

你最好儘快把這整個代碼扔掉。這很可怕 –

+1

我只是在學習男人。我想你也是從某個地方出發的。只是在這裏尋找一些幫助。 –

+0

我明白這不是你的代碼。你只是在某處學習。 **這就是爲什麼**我告訴你儘快擺脫它。這段代碼你不會得到任何好處。找到自己更好的一個。 –

回答

-1

所有檢查頁首先不保護你100%,所以你需要 到

session_start(); 
    if(!session_is_registered("myusername")){ 
    header("location: main_login.php"); 
    die(); 
    } 

,並把報價周圍名爲myusername,否則會將其視爲一個常數,它不是

+0

儘管您的答案在技術上是正確的,但不應該使用此代碼。它在上個世紀被棄用了。 –

+0

是的,我知道,但它解決了他的問題 – Sedz

+0

非常感謝。這工作! –

2

作爲@Col。 Sharpanel表示這是另一個更好的解決方案,因爲您使用了折舊功能。

session_start(); 
    if(!isset($_SESSION['myusername'])){ 
    header("location: main_login.php"); 
    } 

    <?php 

$host="localhost"; 
$username="dkitterm"; 
$password=""; 
$db_name=""; 
$tbl_name="members"; 

//connect to server and db 
mysql_connect("$host", "$username", "$password") or die("Server Down"); 
mysql_select_db("$db_name") or die("cannot select DB"); 

//username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

//debunk 
$myusername = stripslashes($myusername); 
$mypassword = stripslashes($mypassword); 
$myusername = mysql_real_escape_string($myusername); 
$mypassword = mysql_real_escape_string($mypassword); 

//encrypt password 
$encrypted_mypassword=md5($mypassword); 


$sql="SELECT * FROM members WHERE login='$myusername' and password='$encrypted_mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 
// If result matched $myusername and $mypassword, table row must be 1 row 

if($count==1){ 
// Register $myusername, $mypassword and redirect to file     "login_success.php" 
$_SESSION['myusername'] = $myusername; 
//if you need to register the password do the same but for the password 
header("location: index.php"); 
} 
else { 
echo "Wrong Username or Password"; 
} 
?> 
+0

我已經改變了它。感謝您的幫助。 –