登錄驗證密碼/確認密碼不起作用。 PHP/MySQL

-1

出於某種原因，我的驗證密碼不工作在我的PHP。不知道這是命令還是我錯過了一些東西。如果密碼不正確，我希望它不允許用戶登錄。登錄驗證密碼/確認密碼不起作用。 PHP/MySQL

下面的HTML和PHP。

<HTML> 
 

 
    <HEAD> 
 
    <TITLE> Programming </TITLE> 
 
    <link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css"> 
 
    <LINK REL="stylesheet" TYPE="text/css" href="homework2.css"> 
 

 
    </HEAD> 
 
    <BODY> 
 

 
     <!-- CSS for http://the7.dream-demo.com/ --> 
 

 
     <div id="container"> 
 
     
 
     <div id="header"> 
 
      <div class="menuitem"> <a href="home.html">Home</a> </div> 
 
      <div class="menuitem"><a href="products.html">Products</a></div> 
 
      <div class="menuitem"><a href="cases.html">Case Studies</a></div> 
 
      <div class="menuitem"><a href="pricing.html">Pricing</a></div> 
 
      <div class="menuitem"><a href="aboutus.html">About Us</a></div> 
 
     </div> 
 

 
     <div id="bodycontent"> 
 
      
 
      <div id="banner"> 
 
      <div id="bannerleft"> <h1> We make you better athletes. Find out how! </h1> </div> 
 
      <div id="signin"> 
 
       
 
      <form class="well form-inline" action="login.php" method="post"> 
 

 
       <input type="text" class="input-small" placeholder="Email" name="email" > 
 
       <input type="password" class="input-small" placeholder="Password" name="password"> 
 
       <br><br> 
 

 
<!-- 
 
    If you do not want to use twitter bootstrap css then you should uncomment next 6 lines and uncomment the 
 
    above 2 lines that provide input boxes 
 

 
\t  <label for="email">Email:</label> 
 
\t  <input type="text" name="email" id="email"> 
 
\t  <br> 
 
\t  <label for="password">Password:</label> 
 
\t  <input type="password" name="password" id="password"> 
 
\t  <br> 
 
    --> 
 

 
    <input type="submit" name="submit" id="logmein" value="Log In"> 
 
    </form> 
 
    
 
</div> 
 

 
</div> 
 
<div id="featurestrip"> 
 

 
    
 
    <div id="signup"> 
 

 
    <form action="signup.php" method="post"> 
 

 
     
 
    <label for="firstname">Firstname:</label> 
 
    <input type="text" name="signup-firstname" id="signup-firstname"> 
 
    <br> 
 

 
    <label for="lastname">Lastname:</label> 
 
    <input type="text" name="signup-lastname" id="signup-lastname"> 
 
    <br> 
 

 
    <label for="email">Email:&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</label> 
 
    <input type="text" name="signup-email" id="signup-email"> 
 
    <br> 
 
    <label for="password">Password:</label> 
 
    <input type="password" name="signup-password" id="signup-password"> 
 
    <br> 
 
    <label for="password">Reconfirm Password:</label> 
 
    <input type="password" name="signup-repassword" id="signup-repassword"> 
 
    <br><br> 
 
    <input type="submit" name="signmeup" id="signmeup" value="Sign Me Up!"> 
 
    </form> 
 

 
</div> 
 

 
<div id="featureright"> <p>Sign up and find out more on how we can help. Pricing starts at $19.95 a month. </p> 
 
    <p><h3>Premium service starts at $49.95.</h3></p> 
 

 
</div> 
 

 

 
</div> 
 
<div id="corefeatures"> 
 

 

 

 
<img height="200px" src="http://www.hockeymanitoba.ca/wp-content/uploads/2013/02/ltad-model.jpg"> 
 
</div> 
 

 
<div id="testimonials"> Testimonial 
 
    <img height="200px" src="http://www.neuroexplosion.com/storage/development%20model%20jpeg.jpg?__SQUARESPACE_CACHEVERSION=1305662626397"> 
 

 
    <img height="200px" src="http://www.phecanada.ca/sites/default/files/physical_literacy/LTAD_FMS.jpg"> 
 
</div> 
 
     <!-- 
 
     <div id="portfolio"> Portfolio</div> 
 
     <div id="skills"> Skills</div> 
 
    --> 
 
    </div> 
 
    
 
    <div id="footer">Copyright Notice. All Rights Reserved. 2014</div> 
 

 
</div> 
 

 
    
 
</BODY> 
 
</HTML>

PHP

<?php 



$mysql_hostname = 'localhost'; 
$mysql_user = 'username'; 
$mysql_password = 'password'; 
$mysql_database = 'db_users2015'; 

$connect = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) 
or die ("Couldn't connect"); 

echo "<BR>Connection Successful"; 

    //to put data into database 
    //select database 
    $db_selected= mysql_select_db($mysql_database, $connect) 
    or die ("Couldn't connect to the database"); 

    $email= $_POST['email']; 
    $password= $_POST['password']; 

$sql = "SELECT COUNT (*) FROM users WHERE email= '{$_POST['email']}' AND password= '{$_POST['password']}'"; 
$sql_result = mysql_query($sql); 

if(["email"]==$email &&["password"]==$password) 
    echo ("Login Successful."); 

else{ 
    die("Wrong Password."); 
    } 


$sql = "SELECT COUNT(*) FROM users WHERE email= '{$_POST['email']}'"; 
$sql_result = mysql_query($sql); 
if (mysql_result($sql_result, 0)<1) 
{ 
die("<BR>Email address not found"); 
} 

else{ 
    echo "Login Successful!"; 
} 




?>

來源

2015-10-15 ruwadidr

和昨天一樣的音符。您正在測試的密碼是否包含報價？還有什麼是[[「email」]和'[「password」]'？如果'$ sql_result'爲true，那麼你不需要那麼那麼電子郵件和密碼匹配。但不這樣做，用戶輸入與查詢分開。 – chris85

我看到你在那裏提到，我改變了引用來匹配，今天再次感謝你的幫助chris85。我試圖使用電子郵件和密碼來匹配數據庫中的電子郵件和密碼，以確保它是正確的登錄名。你是說我不需要在下面的部分添加這些變量？如果（$ sql_result [「email」] == $ email && $ sql_result [「password」] == $ password） echo（「Login Successful。」）; 其他{ die（「密碼錯誤」）; } – ruwadidr

是的，如果它在匹配的SQL中匹配，則不需要再次檢查......但是不要將用戶輸入直接傳遞給你的SQL;並且不要以明文形式存儲密碼至少爲md5。有更多的教程，線程和函數可供更好的方法使用。你應該更新到'mysqli'或'pdo'驅動程序。 – chris85

你已經在你的查詢只COUNT(*)選擇從數據庫，在那裏的電子郵件和密碼是你從形式，而不是收到了同樣的列來比較，你也忘了mysql_fetch_assoc從數據庫中取行，試試這個：

$sql = sprintf("SELECT COUNT(*) as qty FROM users WHERE email= '%s' and password = '%s'", mysql_real_escape_string($_POST['email']), mysql_real_escape_string($_POST['password'])); 
$result = mysql_query($sql); 
$row = mysql_fetch_assoc($result); 

if ($row['qty']) {...

來源

2015-10-15 16:30:14

所以，我編輯這個來添加其他$ sql_result，即使密碼正確，仍然沒有運氣，它仍然處於錯誤密碼狀態。 – ruwadidr

沒有關於這個查詢的想法有多糟糕的注意事項？ 'SELECT COUNT（*）as qty FROM users WHERE email ='{$ _POST ['email']}'' – chris85

@ruwadidr現在試試，我忘了mysql_fetch_assoc，並且在您的查詢中只選擇了COUNT（*），而不是列... –

我沒有收到，爲什麼你使用2個單獨的查詢來檢查用戶。但是，這是你的要求，所以我根據問題張貼了我的答案。

<?php 
$mysql_hostname = 'localhost'; 
$mysql_user = 'username'; 
$mysql_password = 'password'; 
$mysql_database = 'db_users2015'; 

$connect = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) 
or die ("Couldn't connect"); 

echo "<BR>Connection Successful"; 

$db_selected= mysql_select_db($mysql_database, $connect) or die ("Couldn't connect to the database"); 

$email= $_POST['email']; 
$password= $_POST['password']; 

$QueryEmail = mysql_query("SELECT * FROM users WHERE email= '$email'"); 
$CountResultEmail=mysql_num_rows($QueryEmail); 

if($CountResultEmail==1) 
{ 
    echo "Correct Email"; 

    $QueryPassword=mysql_query("SELECT * FROM users WHERE email= '$email' AND password='$password'"); 
    $CountResultPassword=mysql_num_rows($QueryPassword); 
    if($CountResultPassword==1) 
    { 
     echo "Login Successful"; 
    } 
    else 
    { 
     echo "Wrong Password"; 
    } 
} 
else 
{ 
    echo "Wrong Email"; 
} 
?>

您可以在一個查詢中檢查電子郵件&密碼。你也可以使用它。

<? 
. 
. 
$email= $_POST['email']; 
$password= $_POST['password']; 

$QueryResult = mysql_query("SELECT * FROM users WHERE email= '$email' AND password='$password'"); 
$CountResult=mysql_num_rows($QueryResult); 

if($CountResult==1) 
{ 
    echo "Login Successfull"; 
} 
else 
{ 
    echo "Wrong Credentials"; 
} 
?>

來源

2015-10-15 17:23:07

登錄驗證密碼/確認密碼不起作用。 PHP/MySQL

回答

相關問題