我正在使用在線視頻示例的登錄/註銷/成員頁面,試圖爲我的網站實現它。我有一個來自justhost的現場服務器,我創建了一個數據庫,並在用戶表中放入了一些虛擬用戶信息。我創建了一個connect.php文件,這個文件就是這樣做的,如果它連接到我的數據庫並運行,我會發出一條成功消息。當我嘗試登錄以顯示指向會員頁面的鏈接時,我不斷收到一條錯誤消息,指出我輸入的電子郵件未找到,但電子郵件位於數據庫表中。我究竟做錯了什麼?這裏是login.php文件,很抱歉它的長度。Login.php代碼在登錄過程中不檢索電子郵件
<?php
error_reporting (E_ALL^E_NOTICE);
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Member System - Login</title>
</head>
<body>
<?php
$form = "<form action='./login.php' method='post'>
<table>
<tr>
<td>Email:</td>
<td><input type='text' name='user'/></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password'/></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='loginbtn' value='Login' /></td>
</tr>
</table>
</form>";
if($_POST['loginbtn']){
$email = $_POST['user'];
$password = $_POST['password'];
if ($email){
if ($password){
require("connect.php");
$password = md5(md5("sdf5jkl".$password."jfdkSDf4"));
$query = mysql_query("SELECT * FROM users WHERE email='$email'");
$numrows = mysql_num_rows($query);
if($numrows == 1){
$row = mysql_fetch_assoc($query);
$dbid = $row['id'];
$dbpass = $row['password'];
$dbemail = $row['email'];
$dbactive = $row['active'];
if($password == $dbpass){
if($dbactive == 1){
//set session info
$_SESSION['id'] = $dbid;
$_SESSION['email'] = $dbemail;
echo "You have been logged in as <b>$dbemail</b>. <a href='./member.php'>Click here</a> to go to the member page.";
}
else
echo "You must activate your account to login. $form";
}
else
echo "You did not enter the correct password. $form";
}
else
echo "The email you entered was not found. $form";
mysql_close();
}
else
echo "You must enter your password. $form";
}
else
echo "You must enter your email. $form";
}
else
echo $form;
?>
</body>
</html>
檢查棘手的密碼的MD5生成和保護$ email參數從SQL注入;) –
嘗試的print_r $ _ POST,看看它輸出。 – RonaldBarzell
試着迴應你的$查詢,你會看到它是否有什麼問題。另外請注意,您的腳本容易受到SQL注入攻擊。 –