1. 首頁
  2. 問答
  3. 代碼登錄和數據庫連接在PHP

代碼登錄和數據庫連接在PHP

2014-01-28 92 views
-1

它不工作,我花了幾個小時和一半的頭髮試圖找出原因。我已經在我的HTML索引文件嵌入這個代碼的形式:代碼登錄和數據庫連接在PHP

我想創建登錄和註銷會話

我在MySQL數據庫表中的代碼看起來像這樣

CREATE TABLE member (id int(10) NOT NULL auto_increment, userName varchar(50) NOT NULL, passWord varchar(50) NOT NULL, PRIMARY KEY (id)) ENGINE=MyISAM utf8_general_ci AUTO_INCREMENT=3 ; 

<?php 

    // Inialize session 

    session_start(); 
    // Include database connection settings 
    $hostname = 'localhost';  // Your MySQL hostname. Usualy named as 'localhost',  so you're NOT necessary to change this even this script has already  online on the internet. 
    $dbname = 'database'; // Your database name. 
    $username = 'root';    // Your database username. 
    $password = '';     // Your database password. If your database has no   password, leave it empty. 

    // Let's connect to host 
    mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed,  perhaps the service is down!'); 
    // Select the database 
     mysql_select_db($dbname) or DIE('Database name is not available!'); 


     // Retrieve username and password from database according to user's input 
    $userName=mysql_real_escape_string($_POST['username']); 
    $password=mysql_real_escape_string($_POST['password']); 
    $passWord=md5($password); // Encrypted Password 

     //*********retrieving data from Database********** 

     $query = "SELECT * FROM member WHERE userName='$userName' and passWord='$passWord'"; 
     //$login = mysqli_query("SELECT userName,password FROM 'member' WHERE userName=   $_post['username'] AND passWord= $_post['password'])"); 
     // Check username and password match 
     $res = mysql_query($query); 

     $rows = mysql_num_rows($res); 
     if ($rows==1) { 
     // Set username session variable 

     $_SESSION['userName'] = $_POST['username']; 

    // Jump to secured page 
     header("Location: securedpage.php"); 
    } 
    else { 
    // Jump to login page 
    echo "user name and password not found"; 
    } 
    exit; 
    ?>

而登錄它直接找到用戶名和密碼,甚至找不到用戶名和密碼,甚至用戶名和密碼都是正確的

來源

2014-01-28 user3242335

+1

這應該很容易調試。你到目前爲止做了哪些故障排除? –

+1

這裏有很多紅旗 - 'mysql_'棄用,純文本密碼存儲,沒有MySQL root密碼等。我建議在谷歌搜索「PHP MySQL登錄」之後從頭開始重新考慮這個 – jterry

+0

@ jterry密碼可能已被刪除而不是把它粘貼到世界上去看......但是,這裏有很多問題。 – naththedeveloper

回答

0

假定您只是將此用於學習目的而非實際應用

您應該檢查你的數據庫設置和照顧,所有的東西都在的地方,那麼你需要從那裏你會做後這個PHP文件的形式,這裏是小更新:

<?php 

    session_start(); 
    $hostname = 'localhost'; 
    $dbname = 'yourdatabase'; 
    $username = 'root'; 
    $password = 'yourpassword'; 
    mysql_connect($hostname, $username, $password) or DIE('Connection to host isailed, perhaps the service is down!'); 
    mysql_select_db($dbname) or DIE('Database name is not available!'); 

    $userName=mysql_real_escape_string($_POST['username']); 
    $passWord=md5(mysql_real_escape_string($_POST['password'])); 
    $query = "SELECT id FROM member WHERE userName='$userName' and passWord='$passWord'"; 
    $res = mysql_query($query); 
    $rows = mysql_num_rows($res); 
    if ($rows==1) 
    { 
     $_SESSION['userName'] = $_POST['username']; 
     header("Location: securedpage.php"); 
    } 
    else 
    { 
     echo "user name and password not found"; 
     // TODO - replace message with redirection to login page 
     // header("Location: securedpage.php"); 
    }

>

這應該工作,但要記住這個代碼必須重新寫上不同的方式,否則這一個有一個大的安全問題等。

在DB設置小幅盤整

CREATE TABLE member (id int(10) NOT NULL auto_increment, userName varchar(50) NOT NULL, passWord varchar(50) NOT NULL, PRIMARY KEY (id)) ENGINE=MyISAM;

來源

2014-01-28 15:56:03 vaske

0

這裏是代碼....修改並嘗試

<?php 
session_start(); 

$connect = mysql_connect('localhost', 'root', '') or die('Database could not connect'); 
$select = mysql_select_db('test', $connect) or die('Database could not select'); 

if (isset($_POST['submit'])) { 
    $username = $_POST['username']; 
    $password = $_POST['password']; 
    chckusername($username, $password); 
} 

function chckusername($username, $password){ 

    $check = "SELECT * FROM login WHERE username='$username'"; 
    $check_q = mysql_query($check) or die("<div class='loginmsg'>Error on checking Username<div>"); 

    if (mysql_num_rows($check_q) == 1) { 
     chcklogin($username, $password); 
    } 
    else{ 
     echo "<div id='loginmsg'>Wrong Username</div>"; 
    } 
} 

function chcklogin($username, $password){ 

    $login = "SELECT * FROM login WHERE username='$username' and password='$password'"; 
    $login_q = mysql_query($login) or die('Error on checking Username and Password'); 

    if (mysql_num_rows($login_q) == 1){ 
     echo "<div id='loginmsg'> Logged in as $username </div>"; 
     $_SESSION['username'] = $username; 
     header('Location: member.php'); 
    } 
    else { 
     echo "<div id='loginmsg'>Wrong Password </div>"; 
     //header('Location: login-problem.php'); 
    } 
} 
?>

來源

2016-05-22 04:56:36 thenish

+1

你能否詳細說明你改變了什麼,這樣讀者就不必做差異來找出問題所在? – Noumenon

相關問題

 相關問題