1

这是我一直在研究的登录系统。似乎无论我做什么,即使登录有效,它也会直接将我发送到错误页面。

  1. 我正在从表单中获取用户名/密码字符串。
  2. 查询是正确的,我测试了它,然后我绑定了这些变量。
  3. 然后它把我送到错误页面。如何检查我是否正确检索行?
  <?php 
    function clean($str)
    {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    //Sanitize the POST values

    $username = clean($_POST['username']);
    $password = clean($_POST['password']);

    /* Create a new mysqli object with database connection parameters */
    $mysqli = mysqli_connect('localhost', 'root', '', 'draftdb');

    if(mysqli_connect_errno()) 
    {
        echo "Connection Failed: " . mysqli_connect_errno();
        exit();
    }

    /* Is your username the same as the login_id? If not you need to change this query's where to use the username column not the login_id. */

    /* Create a prepared statement */
    if($stmt = $mysqli -> prepare("
        SELECT Login_ID, Login_PW
        FROM login  
        WHERE Login_ID=? AND Login_PW=?
    "))
    {
        /* Bind parameters
             s - string, b - boolean, i - int, etc */
        $stmt -> bind_param("ss", $username, md5($password));

        /* Execute it */
        $result = $stmt -> execute();

        //Check whether the query was successful or not
        if ($result === false) 
        {
            die("Query failed");
        }


        /* Bind results to variables that will be used within the fetch() loop. */
        $stmt -> bind_result($username, $password);

          /* Check the number of rows returned. */
        if ($stmt->num_rows !== 1) {
            //Login failed

            header("location: login-failed.php");
            exit();
        }

        /* Iterate over the results of the query. */
        while ($stmt->fetch())  
        { 
            //Login Successful
            if($stmt->num_rows > 0) 
            {
            session_regenerate_id();
            /* We can use $login_id, $firstname and $lastname cause we binded the result to those variables above. */
            $_SESSION['SESS_MEMBER_ID'] = $username;

            session_write_close();
            header("location: member-index.php");
            exit();
            }
         }//main if close



          /* Close statement */
          $stmt -> close();
       }

       /* Close connection */
       $mysqli -> close();
    ?>

更新得出结论,我没有从我的表单中得到任何传递给我的 php 脚本的东西

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="POST" action="login.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="text" id="password"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
4

1 回答 1

1

将您的表单标签移动到您的表格之外<form name="form1" method="POST" action="login.php">-</form>

<form name="form1" method="POST" action="login.php">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="text" id="password"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</tr>
</table>
</form>

表单不允许作为table,tbody或的子元素tr。它需要位于外部table或完全内部<td> <form ...> </form> </td>

于 2012-08-11T21:25:20.000 回答