-1

我找不到我的错误,我可以帮忙吗?我正在尝试使用 cookie 的登录代码。先感谢您!我似乎看不到我的错误。我希望有人能看到我错过的东西。错误出现在第 47 行,但我知道这并不完全意味着它就在那里。

<?php
    if(isset($_POST['sent']) && $_POST['sent'] == "yes")
    {
        foreach($_POST as $field => $value)
        {
            if($value == "")
            {
                $blank_array[$field]= $value;
            }
            else
            {
                $good_data[$field]=strip_tags(trim($value));
            }
        }
    }

    if(@sizeof($blank_array) > 0)
    {
        $message = "<p style='color: red; margin-bottom: 0; font-weight: bold'> Error.</p>";
        extract($blank_array);
        extract($good_data);
        include("form_log.php");
        exit();
    }

    include("dbstuff.php");
    $cxn = mysqli_connect($host,$user,$password,$database) or die ("coulnt connect");
    $query = "SELECT first_name FROM customer WHERE user_name='$_POST[user_name]' AND       password=md5('$_POST[password]')";
    $result = mysqli_query($cxn,$query) or die ("couldnt query");
    $n_row = mysqli_num_rows($result);

    if($n_row < 1)
    {
        $message = "<p style='color: red; margin-bottom: 0; font-weight: bold'> Not found.     </p>";
        extract($_POST);
        include("form_log.php");
        exit();
    }
    else
    {
        $row=mysqli_fetch_assoc($result);
        setcookie("first_name",$row['first_name']);
        setcookie("auth","yes");
        header("Location: secret_page_cookie.php");
    }

    else
    {
        $user_name = "";
        $password = "";
        include("form_log.php");
    }
?>

抱歉没有缩进,但这很难缩进。第二个是 if(@sizeof)..

4

3 回答 3

7 
if ($n_row < 1) {
    $message = "<p style='color: red; margin-bottom: 0; font-weight: bold'> Not found.     </p>";
    extract($_POST);
    include("form_log.php");
    exit();
} else {
    $row=mysqli_fetch_assoc($result);
    setcookie("first_name",$row['first_name']);
    setcookie("auth","yes");
    header("Location: secret_page_cookie.php");
} else {
    $user_name = "";
    $password = "";
    include("form_log.php");
}

你在这里有两个else陈述。您需要弄清楚if它属于哪个语句或将其转换为elseif条件。

于 2012-07-13T17:40:48.780 回答
4

第 47 行:

else
{
$user_name = "";
$password = "";
include("form_log.php");
}

else每一个只能有一个if这是第二个else

于 2012-07-13T17:41:13.790 回答
2

到最后你有两个其他块,应该只有一个。而且您的代码很容易受到 SQL 注入攻击。不要通过连接构造 SQL 字符串,而是使用参数化查询。

于 2012-07-13T17:41:52.993 回答