1. 首頁
  2. 問答
  3. 登錄和註冊系統

登錄和註冊系統

2016-07-14 356 views
1

我有一個小問題,我的登錄&註冊系統,但我不知道問題出在哪裏。當我按「登錄」或「註冊」時,下一頁是白色的。我只看到我的消息:「再試一次!」。我做了3 PHP文件:登錄和註冊系統

1)的index.php

<!DOCTYPE html> 
 
<html> 
 
<head> 
 
</head> 
 
<body> 
 
     <form action="logreg.php" metodh="post" accept-charset="utf-8"> 
 
\t <label>Username:</label><input type="text" name="username" placeholder="Username"> 
 
\t <br> 
 
\t <label>Password:</label><input type="password" name="password" placeholder="Password"> 
 
\t <br> 
 
\t <input type="submit" name="login" value="Login"> 
 
\t <input type="submit" name="register" value="Register"> 
 
     </form> 
 
\t  
 
</body> 
 
</html>

我認爲這個問題是在未來的文件:

2)logreg.php

<?php 
 

 
$servername = "localhost"; 
 
$username = "alex"; 
 
$password = "calamar28"; 
 
$database = "register/login"; 
 

 
$conn = mysqli_connect($servername, $username, $password, $database); 
 

 
if(!$conn){ 
 
\t die("Connection failde:".mysqli_connect_error()); 
 
} 
 

 
if(isset($_POST["login"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "SELECT * FROM users WHERE username='$user' AND password='$pass';"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
\t $count = mysqli_num_rows($result); 
 
\t 
 
\t if ($count == 1) 
 
\t { 
 
\t \t header("Location: personal.php"); 
 
\t } 
 
\t else 
 
\t { 
 
\t \t echo "Username or password is incorrect!"; 
 
\t } 
 
\t 
 
} 
 
else if(isset($_POST["register"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$pass')"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
} 
 
else 
 
{ 
 
\t echo "Try again!"; 
 
} \t 
 
?>

3)personal.php

<?php 
 

 
if(isset($_POST["login"])){ 
 
\t echo "Welcome to you personal area !"; 
 
\t echo '<a href = "proiect4.php">Your proiect</a>'; 
 
} 
 
else 
 
{ 
 
\t echo "You are not logged in!"; 
 
} 
 
?>

來源

2016-07-14 Alex Costy

+6

錯字在'form'標籤 - 'metodh = 「後」'。 – andrewsi

+0

用於mysqli的安全哈希密碼的登錄存根[此處](http://stackoverflow.com/a/33665819)。 PDO鏈接在底部。如果您在「where」子句中輸入了密碼,則表示您做錯了(即:明文密碼或定時攻擊漏洞)。因此,作爲試金石,如果在'where'條款中以任何方式*引用密碼,則該系統設計得不好。 – Drew

+0

更不用提你的設置的整個SQL注入問題。看看它對這個人做了什麼[這裏](http://stackoverflow.com/questions/38297105/mysql-real-escape-string-not-working-for-this-specific-example-mysql-real-escap?noredirect = 1#comment64014116_38297105) – Drew

回答

1

您還需要設置一些會話變量通過攜帶到personal.php網頁...這將有助於確定如果作爲原始數據發佈時將您重定向到該頁面無法通過轉移用戶已經登錄成功與否,你會需要你的logreg.php是以下幾點:

<?php 
 
if (!isset($_SESSION)) {session_start();}  
 

 
$servername = "localhost"; 
 
$username = "alex"; 
 
$password = "calamar28"; 
 
$database = "register/login"; 
 

 
$conn = mysqli_connect($servername, $username, $password, $database); 
 

 
if(!$conn){ 
 
\t die("Connection failde:".mysqli_connect_error()); 
 
} 
 

 
if(isset($_POST["login"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "SELECT * FROM users WHERE username='$user' AND password='$pass';"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
\t $count = mysqli_num_rows($result); 
 
\t 
 
\t if ($count == 1) 
 
\t { 
 
       $_SESSION['loggedIn'] = 1; 
 
\t \t header("Location: personal.php"); 
 
\t } 
 
\t else 
 
\t { 
 
\t \t echo "Username or password is incorrect!"; 
 
\t } 
 
\t 
 
} 
 
else if(isset($_POST["register"])) { 
 
\t $user = $_POST['username']; 
 
\t $pass = $_POST['password']; 
 
\t 
 
\t $sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$pass')"; 
 
\t 
 
\t $result = mysqli_query($conn, $sql); 
 
} 
 
else 
 
{ 
 
\t echo "Try again!"; 
 
} \t 
 
?>

然後你personal.php頁面會更改爲以下:

<?php 
 
if (!isset($_SESSION)) {session_start();} 
 

 
if(isset($_SESSION["loggedIn"]) && ($_SESSION["loggedIn"] == 1)){ 
 
\t echo "Welcome to you personal area !"; 
 
\t echo '<a href = "proiect4.php">Your proiect</a>'; 
 
} 
 
else 
 
{ 
 
\t echo "You are not logged in!"; 
 
} 
 
?>

來源

2016-07-14 14:48:19 claudecompere

+0

謝謝,這幫了我很多! –

0

的默認方法對HTML表單是GET。並在您的HTML代碼中寫下metodh而不是方法。這將被忽略,然後你的方法會自動默認爲GET。除此之外,您的PHP代碼很好。 更改您的HTML代碼,類似於下面,並預期應當一切正常:

<!DOCTYPE html> 
    <html> 
     <head> 
     </head> 
     <body> 
      <form action="logreg.php" method="post" accept-charset="utf-8"> 
       <label>Username:</label><input type="text" name="username" placeholder="Username"> 
       <br> 
       <label>Password:</label><input type="password" name="password" placeholder="Password"> 
       <br> 
       <input type="submit" name="login" value="Login"> 
       <input type="submit" name="register" value="Register"> 
     </form> 

    </body> 
    </html>

來源

2016-07-14 14:31:32 Poiz

相關問題

 相關問題