-6

以下是我的php登录脚本,有一个问题。如果我输入任何密码,那么它不会验证密码,它会进入用户面板页面。我的代码哪里错了,谁能告诉我正确的方向

N:B: 我是 PHP 新手,也是这个网站的新手。

<?php
if(isset($_POST['action']) && isset($_POST['action']) == 'Log In')
{
$uname = mysql_real_escape_string(trim(htmlspecialchars($_POST['uname']))); 
$pass = mysql_real_escape_string(trim(htmlspecialchars($_POST['pass'])));   

$crytpass = hash('sha512','$pass'); 
$err = array();

include_once("toplevel/content/manage/dbcon/dbcon.php");

// check username 
$check_uname = mysql_query("SELECT uname FROM members WHERE uname = '$uname'");
$num_uname = mysql_num_rows($check_uname);

// check password
$check_pass = mysql_query("SELECT pass FROM members WHERE pass = '$crytpass'");
$num_pass = mysql_num_rows($check_pass);

/// userid

$userid = mysql_query("SELECT userid FROM members");    
$re = mysql_fetch_array($userid);
$userid = (int) $re['userid'];


if(isset($uname) && isset($pass))
{
    if(empty($uname) && empty($pass))   
        $err[] = "All field required";  
    else
    {
        // username validation process....

        if(empty($uname))
            $err[] = "Username required";
        else
        {
            if($num_uname == 0)         
            $err[] = "Username is not correct";
        }

        // password validaiton process...

        if(empty($pass))
            $err[] = "Password required";               
        else
        {
            if($num_pass == 0)
            $err[] = "Password is not correct";         
        }

    }
}

if(!empty($err))
{
    foreach($err as $er)
    {
        echo "<font color=red>$er<br></font>";
    }   
}
else
{   
     include("user/include/newsession.php");                   
         header("Location:user/index.php");                     

}

}
?>
4

2 回答 2

2

这里有很多事情是错的

代替

if (isset ( $_POST ['action'] ) && isset ( $_POST ['action'] ) == 'Log In') {


if (isset ( $_POST ['action'] ) &&  $_POST ['action'] == 'Log In') {

要替换的东西太多了。等我为你重写脚本

编辑 1

if (isset ( $_POST ['action'] ) && $_POST ['action'] == 'Log In') {
    $uname = prepareStr ( $_POST ['uname'] );
    $pass = prepareStr ( $_POST ['pass'] );
    $shaPass = hash ( 'sha512', $pass );
    $errors = array ();

    include_once ("toplevel/content/manage/dbcon/dbcon.php");

    if (! isset ( $uname ) || empty ( $uname )) {
        $err [] = "Empty Username not allowed";
    }

    if (! isset ( $pass ) || empty ( $pass )) {
        $err [] = "Empty Password not allowed";
    }

    if (count ( $err ) == 0) {
        $mysqli = new mysqli ( "localhost", "root", "", "test" ); // Replace with
                                                                  // DB
                                                                  // Information
        $result = "SELECT uname ,pass FROM members WHERE uname = '$uname' AND pass = '$shaPass'";

        if ($result->num_rows > 0) {
            $err [] = "Invalid username or Password";
        }

        if (count ( $err ) == 0 && $result) {
            $userInfo = $result->fetch_assoc ();
        /**
         * You can do what every you like here
         */
        }
    }

    if (count ( $err ) > 0) {
        /**
         * Kill the user
         */

        echo "<pre>";

        foreach ( $err as $value ) {
            echo $value . "\n";
        }
        die ( "Die! Die! Die!" );
    }

}

function prepareStr($str) {
    $str = htmlspecialchars ( $str );
    $str = trim ( $str );
    $str = mysql_real_escape_string ( $str );

    return $str;
}

谢谢

于 2012-04-05T13:21:12.987 回答
1

如果用户名错误,您不应该告诉您的用户,这会使蛮力尝试闯入更容易。

<?php
if(isset($_POST['action']) && $_POST['action'] == 'Log In') {
    $userid = false;
    $uname = mysql_real_escape_string(trim(htmlspecialchars($_POST['uname'])));
    // or better
    // $uname = filter_var($_POST['uname'], FILTER_SANITIZE_STRING);
    $pass = $_POST['pass'];   

    $crytpass = hash('sha512',$pass); 
    $err = array();

    include_once("toplevel/content/manage/dbcon/dbcon.php");

    $q = mysql_query("SELECT userid FROM members WHERE uname = '$uname' AND pass='$cryptpass'");

    if(mysql_num_rows($q) > 0){
        $re = mysql_fetch_array($q);
        $userid = (int) $re['userid'];
    } else {
        // username or password wrong
    )

   if($userid) {
      // successfull login
   }

}

于 2012-04-05T13:25:50.827 回答