0
所以這個if/else語句是與谷歌的Recaptcha一個簡單的登錄表單連接。我有Recaptcha的一部分工作正常,只是當我輸入我的用戶名和密碼,即使正確,我似乎無法登錄。這隻發生在我添加ReCaptcha後。 ReCaptcha唯一改變的是if語句檢查的另一個條件,不應該引起問題。if/else語句正確
下面是引用我的validate.php文件時,如果有問題的語句是在底部:
<?php
if (isset($_POST['submit'])) {
$userid = $_POST["userid"];
$password = $_POST["password"];
$secretkey = "_SECRET_KEY_";
$responsekey = $_POST["g-recaptcha-response"];
$useripaddress = $_SERVER["REMOTE_ADDR"];
$url = "https://www.google.com/recaptcha/api/siteverify?secret={$secretkey}&response={$responsekey}&remoteip={$useripaddress}";
$response = file_get_contents($url);
// $response = json_decode($response);
echo $response;
}
require_once("scripts/thecrab.php"); // This connects to the db
$userid = htmlspecialchars($_POST['userid']);
$password = htmlspecialchars($_POST['password']);
$query = "SELECT userid from users where userid = ? and password = PASSWORD(?)";
$stmt = $pdo->prepare($query);
$stmt->execute([$userid, $password]);
if ($stmt->rowCount() && $response->success === "true") {
$_SESSION['valid_recipe_user'] = $userid;
echo "<h2>Log In Successful</h2><br>\n";
echo "<a href=\"index.php\"><img src=\"images/image-11.png\"></a>\n";
} else {
echo "<h2>Sorry, your user account was not validated.</h2><br>\n";
echo "<a href=\"index.php?content=login\">Try again</a><br>\n";
echo "<a href=\"index.php\">Return to Home</a>\n";
}
這裏是確切的if語句和條件問題:
if ($stmt->rowCount() && $response->success === "true") {
// Successful Login. Meaning the userid and password are in the database AND the Google ReCAPTCHA response->success has the value of EXACTLY true.
} else {
// Incorrect Login
}
即使正確的用戶名和密碼,它存在於數據庫中,它不會執行if語句,並跳轉到其他人,不登錄我進去。
**切勿將明文密碼!**請使用*** PHP的[內置函數(HTTP ://jayblanchard.net/proper_password_hashing_with_PHP.html)***來處理密碼安全。如果您使用的PHP版本低於5.5,則可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。 ***在散列之前,不需要[escape passwords](http://stackoverflow.com/q/36628418/1011527)***或使用其他任何清理機制。這樣做*更改密碼並導致不必要的附加編碼。 –
我希望**祕密鑰匙,不是你真正的鑰匙。 – chris85
'如果($ stmt-> rowCount時()'你怎麼認爲的回報? –