我不知道如何解决这个错误。如果用户输入错误的输入,我会在用户登录时得到一个空白页面。如果他们输入数据库中不存在的信息。请帮忙 :)
登录.php
<?php
include ("base.php");
include ("passwordchecker.php");
include ("functions.php");
$error = "";
function postInput($htmlName)
{
if(isset($_POST[$htmlName]))
{
return $_POST[$htmlName];
}
return null;
}
//check if the user is already login.
if(isset($_SESSION['userid']))
{
//check the database for existing user.
$usercheck = $mysqli->prepare("SELECT * FROM user WHERE userid = ?");
$usercheck->bind_param("i",$_SESSION['userid']);
$usercheck->execute();
$usercheck->store_result();
$results = $usercheck->num_rows;
if($results == 1)
{
redirect("languages.php");
}
}
$loginusername = postInput('username');
$loginpassword = postInput('password');
if(isset($_POST['submit']))
{
if($loginusername == "" || $loginpassword == "")
{
$error = "Please Enter your user name and password";
}
else
{
//user isnt logged in
if($stmt = $mysqli->prepare("SELECT userid, password FROM user WHERE username = ? LIMIT 1"))
{
$stmt->bind_param("s",$loginusername);
$stmt->execute();
$stmt->bind_result($userid,$correctHash);
$stmt->fetch();
if(ValidatePassword($loginpassword,$correctHash))
{
$_SESSION['userid'] = $userid;
redirect('languages.php');
}
die();
$stmt->close();
}
else
{
$error = "You dont exist in Database."
}
}
}
?>
密码检查器.php
<?php
function HashPassword($password)
{
$salt = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
$hash = hash("sha256", $salt . $password);
$final = $salt . $hash;
return $final;
}
function ValidatePassword($password, $correcthash)
{
$salt = substr($correcthash, 0, 64);
$validhash = substr($correcthash, 64, 64);
$testhash = hash("sha256", $salt . $password);
return $testhash == $validhash;
}
?>
函数.php
<?php
function redirect($page)
{
header("Location: " . $page);
exit();
}
?>
基础.php
<?php
session_start();
$dbhost = "localhost";
$dbname = "login";
$dbuser = "root";
$dbpass = "DirectedStudies2012";
$mysqli = new mysqli($dbhost,$dbuser,$dbpass,$dbname);
?>