以下是我的php登錄腳本,有一個問題。如果我把任何密碼,那麼它不驗證密碼,它會進入用戶面板頁面。哪裏是我的代碼中的錯誤,誰能告訴我正確的方向Php登錄問題
N:B:我在PHP新也是新的在這個網站。
<?php
if(isset($_POST['action']) && isset($_POST['action']) == 'Log In')
{
$uname = mysql_real_escape_string(trim(htmlspecialchars($_POST['uname'])));
$pass = mysql_real_escape_string(trim(htmlspecialchars($_POST['pass'])));
$crytpass = hash('sha512','$pass');
$err = array();
include_once("toplevel/content/manage/dbcon/dbcon.php");
// check username
$check_uname = mysql_query("SELECT uname FROM members WHERE uname = '$uname'");
$num_uname = mysql_num_rows($check_uname);
// check password
$check_pass = mysql_query("SELECT pass FROM members WHERE pass = '$crytpass'");
$num_pass = mysql_num_rows($check_pass);
/// userid
$userid = mysql_query("SELECT userid FROM members");
$re = mysql_fetch_array($userid);
$userid = (int) $re['userid'];
if(isset($uname) && isset($pass))
{
if(empty($uname) && empty($pass))
$err[] = "All field required";
else
{
// username validation process....
if(empty($uname))
$err[] = "Username required";
else
{
if($num_uname == 0)
$err[] = "Username is not correct";
}
// password validaiton process...
if(empty($pass))
$err[] = "Password required";
else
{
if($num_pass == 0)
$err[] = "Password is not correct";
}
}
}
if(!empty($err))
{
foreach($err as $er)
{
echo "<font color=red>$er<br></font>";
}
}
else
{
include("user/include/newsession.php");
header("Location:user/index.php");
}
}
?>
我認爲你需要閱讀一些PHP基礎知識。我想你明白了基本的想法,你只需要弄清楚什麼時候使用什麼功能來達到目的。 – 2012-04-05 13:19:23
爲什麼你要做三個不同的查詢來從你的'members'表中獲取數據?您在第一個查詢中選擇了一個字段,在下一個查詢中選擇了一些(不一定相關)用戶的加密密碼,然後在成員表中選擇*每個用戶id。 – Crontab 2012-04-05 13:19:27
你應該做1查詢檢查所有發佈的值,溝這個代碼,並重新開始.. – 2012-04-05 13:20:26