1. 首頁
  2. 問答
  3. 不知道SQL或PHP錯誤

不知道SQL或PHP錯誤

2013-09-23 45 views
0

我目前正在跟蹤在Youtube上觀看教程稱爲註冊&登錄/亞歷克斯從Phpacademy PHP的教程..我在第5部分,這裏是login.php中不知道SQL或PHP錯誤

<?php 
include 'core/init.php'; 

if (empty($_POST) === false) { 

    $username = $_POST['username']; 
    $password = $_POST['password']; 

    if (empty($username) === true || empty($password) === true) { 

     $errors[] = 'You need to enter a username and password '; 

    } else if (user_exists($username) === false) { 
     $errors[] = 'We couldn\'t find that username. Have you registered?'; 
    } 
    else if (user_active($username) === false){ 
     $errors[] = 'You havn\'t activated your account!'; 
    } 
    else { 
     $login = login($username, $password); 
     if ($login === false) { 
      $error[] = 'That username/password combination is incorrect'; 
     } else { 
     $_SESSION['user_id'] = $login; 
     header('Location: index.php'); 
     exit(); 
     } 
    } 

} 

print_r($errors); 

?>

這裏users.php

<?php 

function user_exists($username) { 
$username = sanitize($username); 
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '.$username'"), 0) == 1) ? true : false; 
} 

function user_active($username) { 
$username = sanitize($username); 
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '.$username' AND `active` = 1 ") , 0) == 1) ? true : false; 

} 

function user_id_from_username($username){ 

    $username = sanitize($username); 
    return mysql_result (mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username' "), 0, 'user_id'); 

} 
function login($username, $password){ 

    $user_id = user_id_from_username($username); 
    $username = sanitize($username); 
    $password = md5($password); 
    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '.$username' AND `password` = '.$password'"), 0) == 1) ? $user_id : false; 
} 
?>

,這裏是輸出Array ([0] => We couldn't find that username. Have you registered?)

是新來的,事先

道歉

來源

2013-09-23 ATP

+2

**警告**您的代碼易受sql注入攻擊。 –

+2

也,不要只是做一個MD5來存儲你的密碼。包括鹽。 –

+1

@DanielAWhite你怎麼知道?他沒有分享他的消毒方法 – sircapsalot

回答

0 
WHERE `username` = '.$username' AND `password` = '.$password'"

取出點

來源

2013-09-23 19:17:45 Mihai

+0

我這樣做是故意的,因爲它告訴我這個警告:mysql_result()期望參數1是資源,在C:\ xampp \ htdocs \ Core \ users中給出布爾值。php 10行 Array([0] =>您還沒有激活您的帳戶!) 我已經將值更改爲1 – ATP

0

你的SQL查詢,將要返回壞的結果。否則,如果您輸入的用戶名是jond,您將在數據庫中搜索.jond

return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '.$username'"), 0) == 1) ? true : false;

查詢$username$password之前取出.

"SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'"

來源

2013-09-23 19:18:15 SamT

0

您的查詢需要稍微調整一下。刪除用戶名前面的句號,因爲它位於雙引號內

return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'"), 0) == 1) ? true : false;

對於該文件中的其他查詢,這同樣適用。正如評論中提到的那樣,您應該從已棄用的mysql_ *函數切換到PDO/mysqli,以便您的代碼在未來的PHP版本中仍能正常工作,並且不會對注入攻擊開放。

來源

2013-09-23 19:18:29 aynber

0

你的代碼總體上很可怕。你應該不是嵌套你的mysql調用。像這樣的嵌套意味着你認爲數據庫操作將會失敗從不。這是一個非常糟糕的假設。

話雖這麼說,這裏是你的問題至少一種來源:

return (...snip ... WHERE `username` = '.$username'"), 0) == 1) ? true : false; 
             ^--- here

您已經嵌入在查詢.,讓所有的用戶名看起來像.foo,而不是僅僅foo。存在問題user_exists(),user_active()login()

來源

2013-09-23 19:19:07

+0

我故意這樣做,因爲它向我展示了此警告:mysql_result()期望參數1作爲資源,在第10行的C:\ xampp \ htdocs \ Core \ users.php中給出的布爾值Array([0] =>您沒有激活您的帳戶!)我已經將值更改爲1 – ATP

相關問題

 相關問題