1. 首頁
  2. 問答
  3. 未能通過「PHP表單」連接/提交到MySQL

未能通過「PHP表單」連接/提交到MySQL

2017-02-13 57 views
2

我有2個問題。 基本故事:我創建了一個簡單的註冊和登錄系統。
問題1:如果我嘗試註冊一個新的帳戶,然後它說:「用戶註冊失敗」。目前應該說,因爲mysql無法從表單獲取正確的信息。但問題是我不知道爲什麼。一切都似乎是正確的...
Problem2:如果我嘗試與現有的帳戶登錄,然後好像是瀏覽器只刷新頁面,並沒有別的...
註冊與PHP代碼:未能通過「PHP表單」連接/提交到MySQL

<?php 
    require ('insert.php'); 
    // If values posted, insert into the database. 
    if (isset($_POST['username']) && isset($_POST['password'])){ 
     $name = $_POST['name']; 
     $email = $_POST['email']; 
     $username = $_POST['username']; 
     $password = $_POST['password']; 

     // nimi refers to name, it's correct 
     $query = "INSERT INTO `user` (nimi, email, username, password) 
        VALUES('$name', '$email', '$username', '$password')"; 

     //POST retrieves the data. 
     $result = mysqli_query($connection, $query); 

     if($result){ 
      $smsg = "User Created Successfully."; 
     } else { 
      $fmsg = "User Registration Failed"; 
     } 
    } 

    mysqli_close($connection); 
    ?> 
    <html> 
    ... 
    <body> 
    ... 
    <div> 

     <form method="POST" class="form-horizontal" role="form"> 

     <!-- Status, how registering went --> 
     <?php if(isset($smsg)){ ?><div class="alert alert-success" role="alert"> <?php echo $smsg; ?> </div><?php } ?> 
     <?php if(isset($fmsg)){ ?><div class="alert alert-danger" role="alert"> <?php echo $fmsg; ?> </div><?php } ?> 


     <!-- Registration form starts --> 
      <h2>Form</h2><br> 


       <label for="Name"></label> 
       <input name="name" type="text" id="name" maxlength="40" placeholder="Ees- ja perenimi" class="form-control" autofocus> <!-- lopp --> 

       <label for="email"></label> 
       <input name="email" type="email" id="email" maxlength="65" placeholder="Email" class="form-control"> <!-- lopp --> 


       <label for="Username"></label> 
       <input name="username" type="text" id="userName" maxlength="12" placeholder="Kasutajatunnus/kasutajanimi" class="form-control" required> <!-- lopp --> 

       <label for="Password"></label> 
       <input name="password" type="password" id="password" maxlength="12" placeholder="Parool" class="form-control" required> 

<button type="submit" class="btn btn-primary btn-block">Join</button> 
      </form> <!-- /form --> 

     </div> <!-- ./container --> 
    ... 
    </body> 
</html>

登錄:

<?php 
session_start(); 
require ('insert.php'); 

//Is username and password typed? 
if (isset($_POST['username']) and isset($_POST['password'])){ 
    //Making vars from inputs 
    $username = $_POST['username']; 
    $password = $_POST['password']; 
    //Checking existent of values. 
    $query = "SELECT * FROM `liikmed` 
       WHERE username='$username' 
       and password='$password'"; 

    $result = mysqli_query($connection, $query) 
        or die(mysqli_error($connection)); 
    $count = mysqli_num_rows($result); 
    //3.1.2 If values equal, create session. 
    if ($count == 1){ 
     $_SESSION['username'] = $username; 
    } else { 
     //If credentials doesn't match. 
     $fmsg = "Invalid Login Credentials."; 
    } 
} 
//if user logged in, welcome with message 
if (isset($_SESSION['username'])){ 
    $username = $_SESSION['username']; 
    echo "Hai " . $username . ""; 
    echo "This is the Members Area"; 
    echo "<a href='logout.php'>Logout</a>"; 

}else{} 
?> 

<html> 
... 
<body> 
... 
<div id="bg"></div> 


    <form method="POST" class="form-horizontal"> 
     <h2>Login</h2><br> 

     <label for="User"></label> 
     <input name="username" type="text" maxlength="15" placeholder="Username" class="form-control" required autofocus> 

     <label for="Password"></label> 
     <input name="password" type="password" maxlength="50" placeholder="Password" class="form-control" required autofocus> 

     <button type="submit" class="btn btn-primary btn-block">Enter</button> 

</form> 
</div> 
... 
</body> 
</html>

最後的PHP數據庫連接文件(稱爲insert.php):

<?php 
$connection=mysqli_connect("localhost","root","pw"); 
if (!$connection){ 
    die("Database Connection Failed" . mysqli_error($connection)); 
} 
$select_db = mysqli_select_db($connection, 'my_database'); 
if (!$select_db){ 
    die("Database Selection Failed" . mysqli_error($connection)); 
} 
?>

來源

2017-02-13 Rainer Lanemann

+0

相反呼應,比如'$ fmsg =「用戶註冊失敗」一faily無益的消息;'而是捕捉和顯示真正的數據庫錯誤使用(同時測試) '$ result-> error'然後你就會知道出了什麼問題,更重要的是**出了什麼問題** – RiggsFolly

+0

請不要存儲普通的測試密碼**其巨大的安全災難** PHP提供[''password_hash()']( http://php.net/manual/en/function.password-hash.php) 和['password_verify()'](http://php.net/manual/en/function.password-verify.php)請使用米 這裏有一些[有關密碼的好點子(https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet) 如果您使用的是PHP版本5.5之前的[有可以在這裏找到一個兼容包(HTTPS ://github.com/ircmaxell/password_compat) – RiggsFolly

+0

您的腳本存在[SQL注入攻擊]的風險(http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in- php) 看看發生了什麼事[Little Bobby Tables](http://bobby-tables.com/)即使 [如果你是逃避投入,它不安全!](http://stackoverflow.com/問題/ 5741187/sql -injection-that-around-mysql-real-escape-string) 使用[prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements。 php) – RiggsFolly

回答

2

都在你登錄PHP代碼首先,你纔開始一個session,但你沒有告訴從那裏直接到如果登錄成功。在代碼中添加一個header。那是;

if ($count == 1){ 
    $_SESSION['username'] = $username; 
    header("Location: page.php"); //the page you want it to go to 
}

而你的註冊PHP代碼看起來沒問題。如果您在那裏拼錯了任何內容,請檢查您的數據庫表。

來源

2017-02-13 13:07:17

+0

謝謝,我不知道爲什麼我忘了這個...但是,謝謝! :)現在一切都很好。 –

+0

你總是歡迎 –

0

你的邏輯來設置$ _SESSION [「用戶名」]要求的用戶名和密碼組合在數據庫中存在一次。 這可能聽起來很愚蠢,但是您能否確認這種情況(即確認您沒有創建相同的用戶名和密碼組合)。 改變邏輯大於1也會暫時解決這個問題。所以,你的代碼

if ($count == 1){ 
    $_SESSION['username'] = $username; 
}

應該成爲

if ($count > 1){ 
    $_SESSION['username'] = $username; 
}

來源

2017-02-13 13:25:42 asugrue15

相關問題

 相關問題