2

我正在使用此代码验证我的 URL。

  1. 它在我的工作正常localhost但是当我加载到服务器(goDaddy)时,它反复询问用户名和密码。

  2. 我想控制那些用户名和密码字段并将它们连接到我的数据库。

为此,我使用这样的代码:

$conid = mysql_connect("localhost", "root", "");
if(!$conid) {
  die("sorry unable to establish a connection".mysql_error());
}
echo "connected succesfully<br>";
mysql_select_db("passurl", $conid);
$rr = mysql_query("select password from validate where username='$user' ");
while($row = mysql_fetch_array($rr)) {
  $x = $row['password'];
}
if($x == $password) {
  //take into the website
}

因此,当用户输入用户名和密码时,成功验证后它会进入该页面。

我正在使用 PHP-MYSQL,因为我已经初步了解它,是编程的新手。

请帮助我用合适的测试代码解决上述两个问题。

编辑: 问题一在本地工作,并且正在使用链接中提供的相同代码。问题二是我正在尝试从我的本地数据库中检索这些usernamepassword字段,以便可以在我的本地主机上授予登录权限(如果它在后期工作,我会将数据库联机)。

编辑2:

ty.php包含类似的代码

<?php

$auth_realm = 'Access restricted';

require_once 'auth.php';

echo "You've logged in as {$_SESSION['username']}<br>";
echo '<p><a href="?action=logOut">LogOut</a></p>'

?>

<center><h1>now you see the protected content</h1></center>

auth.php包含

<?php   
  $_user_ = 'test';
  $_password_ = 'test';
  session_start();

$url_action = (empty($_REQUEST['action'])) ? 'logIn' : $_REQUEST['action'];
$auth_realm = (isset($auth_realm)) ? $auth_realm : '';

if (isset($url_action)) {
    if (is_callable($url_action)) {
        call_user_func($url_action);
    } else {
        echo 'Function does not exist, request terminated';
    };
};

function logIn() {
    global $auth_realm;

    if (!isset($_SESSION['username'])) {
        if (!isset($_SESSION['login'])) {
            $_SESSION['login'] = TRUE;
            header('WWW-Authenticate: Basic realm="'.$auth_realm.'"');
            header('HTTP/1.0 401 Unauthorized');
            echo 'You must enter a valid login and password';
            echo '<p><a href="?action=logOut">Try again</a></p>';
            exit;
        } else {
            $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : ''; 
            $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : ''; 
            $result = authenticate($user, $password);
            if ($result == 0) {
                $_SESSION['username'] = $user;
            } else {
                session_unset($_SESSION['login']);
                errMes($result);
                echo '<p><a href="">Try again</a></p>';
                exit;
            };
        };
    };
}

function authenticate($user, $password) {
    global $_user_;
    global $_password_;

    if (($user == $_user_)&&($password == $_password_)) { return 0; }
    else { return 1; };
}

function errMes($errno) {
    switch ($errno) {
        case 0:
            break;
        case 1:
            echo 'The username or password you entered is incorrect';
            break;
        default:
            echo 'Unknown error';
    };
}

function logOut() {

    session_destroy();
    if (isset($_SESSION['username'])) {
        session_unset($_SESSION['username']);
        echo "You've successfully logged out<br>";
        echo '<p><a href="?action=logIn">LogIn</a></p>';
    } else {
        header("Location: ?action=logIn", TRUE, 301);
    };
    if (isset($_SESSION['login'])) { session_unset($_SESSION['login']); };
    exit;
}

?>

因此,一旦我们点击ty.php它,它就会要求输入用户名和密码,并且在成功验证后它会显示受保护的状态。所有这些在 localhost 中运行良好,但在服务器上不起作用。

有人可以帮我解决这个
问题提前谢谢:)

4

2 回答 2

0

You need to create a database username and password on your goDaddy hosting service, root and empty password can't get you through. The root is the default username for your local server and you didn't set any password for it, hence "" works for you as password. You must set up a username and a password on your remote server for it to work.

mysql_connect("your-host-server", "a-username", "a-secret-password"); // Password can't be empty and username can't be root, hope you understand
于 2012-04-05T12:57:16.367 回答
0

您正在遍历密码,但仅在循环后检查单个值。

你的代码是:

while($row = mysql_fetch_array($rr)) {
  $x = $row['password'];
}
if($x == $password) {
  //take into the website
}

它应该是:

while($row = mysql_fetch_array($rr)) {
    if ($password == $row['password']) {
        // take into the website
    }
}
于 2012-04-09T11:07:59.750 回答