2012-10-06 103 views
-2

我已經做了足夠的研究,登錄時它不會重定向我的資源頁面的情況下也正確的密碼..我之前嘗試SHA1的密碼,但首先處理更簡單的情況下,我刪除它。 當我問NAME ='$ usr', 因爲我有用戶名作爲用戶名, 如果我也輸入用戶,它不會顯示錯誤的用戶名,在終端上,如果我們嘗試這個,用戶名'用戶'或'用戶'它顯示了同樣的事情。登錄不工作,而註冊是

<?php 
    $con = mysql_connect("localhost","root","*****"); 
    session_start(); 
if(isset($_POST['submit1'])) 
    { 
      if (!$con) 
      { 
        die("OOPS!Could not connect to server".mysql_error()); 
      } 
        $passwd = $_POST['password']; 
        $usr=$_POST['username']; 
        mysql_select_db('USERS',$con) or die(mysql_error()); 
        $result = mysql_query("SELECT PASSWD FROM USERS WHERE USERNAME='$usr'",$con) Or die(mysql_error()); 
        $pass = mysql_result($result,0); 
        if ($pass==$passwd) { 
          header('Location : resource.html');} 
        else 
          {echo "sorry $usr wrong username or password"; } 

    } 
else if(isset($_POST['submit2'])) 
    { 
      $usr = $_POST['user']; 
      $passwd = $_POST['password1']; 
      $name = $_POST['fullname']; 
      mysql_select_db('USERS',$con) or die(mysql_error()); 
      $result = mysql_query("SELECT * FROM USERS WHERE USERNAME='$usr'",$con) Or die(mysql_error()); 
      $num = mysql_num_rows($result); 
      if ($num==0) { 
      mysql_query("INSERT INTO USERS(NAME,USERNAME,PASSWD) VALUES('$name','$usr','$passwd')"); 
      echo "congrats! you have been added.Go back to resources and log in"; 
      } 
      else echo "Someone already has that username. Go back and try with another username"; 
    } 

mysql_close($con); 
?> 
+0

加上'semicolon'在年底'echo'上方的行恭喜...' – air4x

+0

請不要在實時web服務器上使用該代碼 - 您可能會面臨SQL注入攻擊。永遠不會將$ _POST數組元素直接傳遞給MySql,而不會正確轉義它們。 – Matt

+0

你看到我只是一個星期到HTML/PHP的世界。你可以請詳細說明並建議更多的東西.. –

回答

1

你缺少一個分號之前的回聲

mysql_query("INSERT INTO USERS(NAME,USERNAME,PASSWD) VALUES('$name','$usr','$passwd')");//<-- right here 
echo "congrats! you have been added.Go back to resources and log in"; 

而且你不消毒用戶輸入,看着準備好的語句(PDOmysqli

+0

right done that .. but now still added and that entered username,passwd it does not redirect me to resource.html(if(submit1)code for login,not registereding) –

+0

@sum use'header('Location:resource。 html');'重定向 – Musa

+0

嘗試過,但仍然出現空白頁面。沒有重定向 –