1. 首頁
  2. 問答
  3. jquery手機登錄表格與PHP

jquery手機登錄表格與PHP

2015-06-15 87 views
0

我一直在努力與代碼永遠!我一直得到無效的密碼錯誤,然而無論多少次我調整散列的位置或檢查密碼的位置,即使我爲不同的用戶輸入了正確的密碼,我仍然可以得到密碼......我真的需要一些幫助! 的「用戶」在我的數據庫表是 ID 用戶名密碼 (SHA1) fullnames mobile_no 用戶類型 這是目前我正在去上班的代碼!jquery手機登錄表格與PHP

 <body> 
     <div data-role="page" id="login"> 
     <div data-role="header" data-theme="c"> 
      <h2 align="center"><strong>Sign In</strong></h2> 
     </div> 
     <div data-role="content"> 
      <form name="login" class="ui-corner-all" method="post" action=""> 
      <label for="username" class="ui-hidden-accessible">Username:</label> 
      <input type="text" id="username" name ="username" placeholder="Username" required> 
      <br> 
      <br> 
      <label for="password" class="ui-hidden-accessible">Password:</label> 
      <input type="password" id="password" name ="password" placeholder="Password" required> 
      <br> 
      <fieldset class="ui-grid-a"> 
      <div class="ui-block-a"> 
      <input name="login" type="submit" id="login" formmethod="POST"   value ="login" data-ajax="false" data-theme="b"> 
      </div> 
      <div class="ui-block-b"> 
      <a href="Registration.html" data-ajax="false" data-role="button"  data-theme="b">Not a user? Sign Up</a></div> 
     </fieldset> 
      </form> 
      <?php 
     if (isset($_POST["login"]) && !empty($_POST["login"])) { 

     $user = stripslashes($_POST['username']); 
     $pass = stripslashes($_POST['password']); 
     $user = mysqli_real_escape_string($link, $_POST['username']); 
     $pass = mysqli_real_escape_string($link, hash("SHA1",($_POST['password']))); 

     if ($user && $pass) { // CHECK ALL FIELD HAS BEEN FILLED UP 

     // QUERY FROM DATABASE 
     $sql = "SELECT * FROM users WHERE username='".$user."'"; 
     $query =mysqli_query($link,$sql) or die(mysqli_error($link)); 

     $numrows = mysqli_num_rows($query); 

     if($numrows !== 0) 
     { 
     while ($row = mysqli_fetch_assoc($query)) 
     { 
      $username = $row['username']; 
      $password = $row['password']; 

      } 

      if($user==$username && $pass==$password) 
      { 
       echo "you are logged in"; 
       @$_SESSION['username'] = $username; 
       } 

       else { 
        echo "your password is incorrect";  
        } 
     } 
        else 
         die ("that user doesn't exist!"); 
        } 
        else 
         die ("Please enter a username and password"); 
     } 


      ?>

來源

2015-06-15 Bfive

+1

什麼是你的問題?什麼是錯誤? –

+0

如果您打印'$ pass'值,該怎麼辦?它是否與數據庫值相同?嘗試逐步調試它。 –

+0

嘿小弟......我的問題是我在做什麼錯了代碼?我不斷收到密碼是不正確的... – Bfive

回答

0

您的代碼工作正常。我得到「您已登錄」。 我只是說在session_start()和mysqli_real_escape_string替代變量()

<body> 
    <div data-role="page" id="login"> 
     <div data-role="header" data-theme="c"> 
      <h2 align="center"> 
       <strong>Sign In</strong> 
      </h2> 
     </div> 
     <div data-role="content"> 
      <form name="login" class="ui-corner-all" method="post" action=""> 
       <label for="username" class="ui-hidden-accessible">Username:</label> 
       <input type="text" id="username" name="username" 
        placeholder="Username" required> <br> <br> <label for="password" 
        class="ui-hidden-accessible">Password:</label> <input 
        type="password" id="password" name="password" 
        placeholder="Password" required> <br> 
       <fieldset class="ui-grid-a"> 
        <div class="ui-block-a"> 
         <input name="login" type="submit" id="login" formmethod="POST" 
          value="login" data-ajax="false" data-theme="b"> 
        </div> 
        <div class="ui-block-b"> 
         <a href="Registration.html" data-ajax="false" data-role="button" 
          data-theme="b">Not a user? Sign Up</a> 
        </div> 
       </fieldset> 
      </form> 
      <?php 
      $link = new mysqli("localhost", "root", "root", "test"); 
      /* check connection */ 
      if (mysqli_connect_errno()) { 
       printf("Connect failed: %s\n", mysqli_connect_error()); 
       exit(); 
      } 

      if (isset($_POST["login"]) && !empty($_POST["login"])) 
      { 
       $user = stripslashes($_POST['username']); 
       $pass = stripslashes($_POST['password']); 
       $user = mysqli_real_escape_string($link, $user); 
       $pass = mysqli_real_escape_string($link, hash("SHA1",($pass))); 

       if ($user && $pass) { // CHECK ALL FIELD HAS BEEN FILLED UP 


        // QUERY FROM DATABASE 
        $sql = "SELECT * FROM users WHERE username='".$user."'"; 
        $query =mysqli_query($link,$sql) or die(mysqli_error($link)); 

        $numrows = mysqli_num_rows($query); 

        if($numrows !== 0) 
        { 
         while ($row = mysqli_fetch_assoc($query)) 
         { 
          $username = $row['username']; 
          $password = $row['password']; 
         } 

         if($user==$username && $pass==$password) 
         { 
          session_start(); 
          echo "you are logged in"; 
          @$_SESSION['username'] = $username; 
         } 
         else 
         { 
          echo "your password is incorrect"; 
         } 
        } 
        else 
         die ("that user doesn't exist!"); 
       } 
       else 
        die ("Please enter a username and password"); 
      } 
      ?> 
     </div> 
    </div> 
</body>

來源

2015-06-15 13:55:55 AnkiiG

+0

我擺脫了錯誤...但我仍然得到密碼不正確的調整,但代碼更好,但! – Bfive

+0

請回顯$ sql並在數據庫編輯器或命令提示符下運行它。讓我知道當你運行它時會得到什麼結果。 – AnkiiG

+0

這就是當我把它作爲回顯錯誤(SELECT * FROM users WHERE username ='eliza')時得到的結果 – Bfive

相關問題

 相關問題