1. 首頁
  2. 問答
  3. 檢查電子郵件和密碼是否正確

檢查電子郵件和密碼是否正確

2014-09-30 109 views
0

我需要確認電子郵件和密碼是否正確,但它可以與我輸入的任何密碼一起使用。有什麼問題?下面是代碼:檢查電子郵件和密碼是否正確

<?php 
if(isset($_POST['submit'])){ 
    $email = mysql_real_escape_string($_POST['email']); 
$pass = $_POST['password']; 
$hash = hash("sha512", $pass); 
$hash1 = hash("whirpool", $hash); 
$hash2 = hash("sha384", $hash1); 
$password = $hash2; 

    $query=mysql_query("SELECT * FROM register WHERE email='$email' AND password='$password'") or die(mysql_error()); 
    $count=mysql_num_rows($query); 
if($count==1){ 

    while ($row=mysql_fetch_array($query)) { 
    $username=$row['username']; 
    $heslo=$row['password']; 
    $_SESSION['valid'] = $username; 
if(isset($_SESSION['valid'])){ 
     $realtime = date("d-m-Y h:i:s"); 
     $session = $_SESSION['valid']; 
     echo "<script> window.location.replace('index.php'); 
</script>"; 
header("Location: index.php"); 
    }else{ 
     echo "Přihlášení neproběhlo správně"; 
    } 
} 
} 
} 
?>

來源

2014-09-30 user2808698

+1

什麼與所有的哈希?只要sha512就足夠了。 – Daan 2014-09-30 14:26:03

+0

@達安這只是測試。我知道,我只會使用sha512。 – user2808698 2014-09-30 14:27:35

+0

在你的數據庫中你是否存儲密碼的加密值? – 2014-09-30 14:28:03

回答

1

你面臨的問題是,你拼寫錯誤「旋渦」它應該是「漩渦」

來源

2014-09-30 14:28:58 Daan

+0

謝謝,但它仍然沒有工作 – user2808698 2014-09-30 14:30:23

+0

@ user2808698 :debuggin 101:'echo' - 「如果給定的algo參數包含不支持的算法,則散列函數將返回bool(false)併發出警告。」 – 2014-09-30 14:30:48

0

我已經改變了代碼一點,這似乎是工作。花括號順序是爲你搞亂的,因爲else指向不正確的if。

我已經在整個腳本中添加了評論,所以你可以看到我想說的話。

mysql_connect('localhost','user','pass'); 
mysql_select_db('test'); 

# You can use your post methods, I've used these for testing. 
$email = mysql_real_escape_string('email'); 
$pass = $_GET['pw']; 


$hash = hash("sha512", $pass); 
$hash1 = hash("whirlpool", $hash); 
$hash2 = hash("sha384", $hash1); 
$pass = $hash2; 

# Now you can see the PW input 
echo $pass."<br>"; 

# Nonsense 
$password = $pass; 

    # By using $sql you can echo your query to see what results would it yield upon running it. 
    $sql = "SELECT * FROM test WHERE em='$email' AND pw='$password'"; 
    $query=mysql_query($sql) or die(mysql_error()); 
    $count=mysql_num_rows($query); 

    # Echo stuff to see what their results are 
    echo $sql."<br>"; 
    echo $count."<br>"; 


    # Let's see if we all got it right? 
    if($count==1){ 

    while ($row=mysql_fetch_array($query)) { 
    $username=$row['un']; 
    $heslo=$row['pw']; 
    $_SESSION['valid'] = $username; 

if(isset($_SESSION['valid'])){ 
     $realtime = date("d-m-Y h:i:s"); 
     $session = $_SESSION['valid']; 

     # Commented out for testing purposes. I mean the header. 
     echo "all is well"; 
     //header("Location: index.php"); 
} // this closes the if(isset... 
} // this closes the while loop 
# Note that the curly brackets have changed. Now the else points correctly to the other branch if $count is not equal to 1. 
} else { 
     echo "Přihlášení neproběhlo správně"; 
    }

來源

2014-09-30 14:34:18

+0

@ user2808698 - 你可以測試這個請看它是否工作? – 2014-10-01 06:28:19

相關問題

 相關問題