-5

我在使用 php 和 mysql 进行简单登录时遇到问题。

这是我的代码:

登录.PHP

 <?php

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (loggedin()) {
        header("location: userarea.php");
        exit();
    }

    if ($_POST['login']) { 
        $user = $_POST['user'];
        $pass = $_POST['pass'];
        $remember = $_POST['remember'];
        $password_encrip = hash('md5', $pass);

    if ($user&&$pass) {
        $login = mysql_query("SELECT * FROM users WHERE user='$user'");
        while  ($row = mysql_fetch_assoc($login))   
        $db_pass = $row['pass']; {

        if ($password_encrip==$db_pass) 
            $login_ok = TRUE;
        else 
            $login_ok = FALSE;
        }

        if ($login_ok==TRUE) {

            if ($remember=="on")
                setcookie("user", $user, time()+7200);

            else if ($remember=="")
                $_SESSION['user']=$user;

            header("Location: userarea.php");
            exit();

        } else 
            echo "ERROR: Username/Password combination incorrect!";

        } else 
            die("ERROR: Hit back and enter username and password!");
    }


    ?>

    <form action="login.php" method="POST">
    <b style="font-size:150%;">Log in</b><br/>
    Username: <input type="text" name="user"/><br/>
    Password: <input type="password" name="pass"/><br/>
    <input type="checkbox" name="remember" />Remember me<br/>
    <input type="submit" name="login" value="Log in"/>
    </form>

函数.PHP

  <?php 

    // REPORT ERRORS?
    //error_reporting(E_ALL);

    // SESSIONS CHECK
    session_start();

    //CONNECT TO DATABASE/CONNECT
    mysql_connect("localhost","MYSQL","PASS") or die();
    mysql_select_db('DB') or die();

    // LOGIN CHECK FUNCTION
    function loggedin()
    {
        if (isset($_SESSION['$user']) || isset($_COOKIE['$user']))
        {
            $loggedin = TRUE;
            return $loggedin;
        }
    }


    ?>

用户区.PHP

        <?php 

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (!loggedin())
    {
        header("location: login.php");
        exit();
    }

    ?>

    <p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/>


    <?php
        echo "Welcome SESS: ".$_SESSION['user']. "<br/>";
        echo "Welcome Cookie: ".$_COOKIE['user']. "<br/>";
    ?>

有人可以帮忙吗?

4

2 回答 2

2

在 PHP 的顶部,放置session_start();(您发布的第一页)。

于 2012-06-28T20:52:09.970 回答
0

试一试,一件大事是你总是想在添加到查询之前清理用户输入,而且如果没有设置 $_post 值,它们不会返回 false,所以这样做 if($_POST['something']) 会返回一个错误

----------------------------------- LOGIN.PHP



<?php

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (loggedin()) {
        header("location: userarea.php");
        exit();
    }

    if ($_POST['login']) {
        $user = mysql_real_escape_string($_POST['user']);
        $pass = mysql_real_escape_string($_POST['pass']);
        $remember = mysql_real_escape_string($_POST['remember']);
        $password_encrip = hash('md5', $pass);

        if (!empty($user) && !empty($pass)) {
            $login = mysql_query("SELECT * FROM users WHERE user='$user' AND pass = '$password_encrip'");

            while ($row = mysql_fetch_assoc($login)) {

                if (count($row) > 0) {
                    $login_ok = TRUE;
                } else {
                    $login_ok = FALSE;
                }
            }

            if ($login_ok) {

                if ($remember == "on") {
                    setcookie("user", $user, time() + 7200);
                } else if ($remember == "") $_SESSION['user'] = $user;

                header("Location: userarea.php");
                exit();

            } else {
                echo "ERROR: Username/Password combination incorrect!";
            }

        } else {
            die("ERROR: Hit back and enter username and password!");
        }
    }


?>

<form action="login.php" method="POST">
    <b style="font-size:150%;">Log in</b><br/>
    Username: <input type="text" name="user"/><br/>
    Password: <input type="password" name="pass"/><br/>
    <input type="checkbox" name="remember"/>Remember me<br/>
    <input type="submit" name="login" value="Log in"/>
</form>


------------------------------------------ FUNCTIONS.PHP

<?php

    // REPORT ERRORS?
    //error_reporting(E_ALL);

    // SESSIONS CHECK
    session_start();

    //CONNECT TO DATABASE/CONNECT
    mysql_connect("localhost", "MYSQL", "PASS") or die();
    mysql_select_db('DB') or die();

    // LOGIN CHECK FUNCTION
    function loggedin() {
        if (isset($_SESSION['$user']) || isset($_COOKIE['$user'])) {
            $loggedin = TRUE;
            return $loggedin;
        }
    }


?>






---------------------------------------------- USERAREA.PHP



<?php

    //include 'core/init.php';
    include 'functions.php';

    //JH check if user is logged in already
    if (!loggedin()) {
        header("location: login.php");
        exit();
    }

?>

<p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/>


<?php
    echo "Welcome SESS: " . $_SESSION['user'] . "<br/>";
    echo "Welcome Cookie: " . $_COOKIE['user'] . "<br/>";
?>
于 2012-06-29T00:35:33.053 回答