0

因此,对于我正在处理的项目,只需在下拉菜单中填写一个选项,然后单击提交(无密码字段)即可登录。

我在该主题上进行的任何搜索都会返回有关制作类似于 twitter 的简洁下拉菜单的信息。当我自己尝试这样做时,发生了服务器错误的严重可憎。

<?php

mysql_connect("localhost", "root", "mypassword")or die("cannot connect"); 
mysql_select_db("lunch_punch")or die("cannot select DB");

$myname=$_POST['myname'];


session_register("myname");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

<?php
session_start();
if(!session_is_registered(myname)){
header("location:home.html");
}
?>

<html>
<body>
Login Successful
</body>
</html>
4

2 回答 2

1

在这里,我将这个示例/ tut 放在一起,因为我怀疑您正在查看一个非常古老的教程;

它非常简单易懂,涵盖了很多方面,包括使用 PDO 安全地连接到数据库并对其进行查询、会话控制以及使用简单类和访问其方法。希望能帮助到你。

<?php 
session_start();

class simpleLogin{
    public $error;

    function __construct($dsn, $user=null, $pass=null){
        $this->dsn = $dsn;
        $this->user = $user;
        $this->pass = $pass;
        //Connect
        $this->connect();
    }

    function connect(){
        try{
            $this->db = new PDO($this->dsn, $this->user, $this->pass);
            $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $this->db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
            $this->db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE,PDO::FETCH_ASSOC);
        }catch (Exception $e){
            die('Cannot connect to databse. Details:'.$e->getMessage());
        }
    }

    //Get all users from db for drop down box
    function get_all_users(){
        $sql = "SELECT * FROM users";
        $statement = $this->db->query($sql);
        $statement->execute();
        return $statement->fetchAll();
    }

    /**
     * The main check_login method, this method is called
     *  on each page load to check status of logged in user
     *  or handle form POST login.
     *
     * @return bool
     */
    function check_login(){
        //Logout
        if(isset($_GET['logout'])){$this->logout();}

        //Already Logged in
        if(isset($_SESSION['logged_in']) && $_SESSION['logged_in']===true){return true;}

        //User posted login form
        if($_SERVER['REQUEST_METHOD']=='POST'){
            if(!empty($_POST['myname'])){
                /*
                CREATE  TABLE `lunch_punch`.`users` (
                `id` INT NOT NULL AUTO_INCREMENT ,
                `username` VARCHAR(255) NULL ,
                PRIMARY KEY (`id`) );
                */
                $sql = "SELECT 1 FROM users WHERE username=:username";
                $statement = $this->db->prepare($sql);
                $statement->bindParam(':username', $_POST['myname']);
                $statement->execute();
                $result = $statement->fetch();
                if(!empty($result)){
                    $_SESSION['logged_in']=true;
                    return true;
                }else{
                    return false;
                }
            }else{
                $this->error = 'Please select your name!';
            }
        }
    }

    /**
     * Logout user and then redirect to index
     *
     */
    function logout(){
        session_destroy();
        session_regenerate_id(true);
        exit(header('Location: index.php'));
    }
}


//Start the login class and pass your mysql connection details
$login = new simpleLogin('mysql:host=127.0.0.1;dbname=lunch_punch','root','password');

//Check the login
if($login->check_login() === true){
    //Logged In, wOOt do whatever...
    echo 'You are logged in... <a href="?logout">Logout</a>';
}else{
    //Logged Out, show login form
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Simple Login by Select Box</title>
</head>
<form method="POST" action="">
  <p>Please Login by selecting your name.</p>

  <p><select size="1" name="myname">
      <option value="" selected>-- Select Your Name --</option>
      <?php 
      //Get all users from database and output into the option box
      foreach($login->get_all_users() as $user):?>
      <option value="<?php echo $user['username'];?>"><?php echo $user['username'];?></option>';
      <?php endforeach;?>
     </select>
     <input type="submit" value="Login">
  </p>
  <?php echo ((!empty($login->error))?'<span style="color:red;">'.$login->error.'</span>':null);?>
</form>
<body>
</body>
</html>
<?php } ?>
于 2012-08-20T02:30:58.627 回答
0

session_register并且相关函数在 php 5.3 中已弃用,并已在 php 5.4 中删除。因此,如果您使用的是 php 5.4,则此代码将导致致命错误。

您应该改用类似的东西,请参阅手册

<?php
session_start();
$myname=$_POST['myname'];
// do some validation on $myname to make sure it is what you expect it to be
$_SESSION['myname'] = $myname;

以及您需要检查要设置的变量的位置:

<?php
session_start();
if (isset($_SESSION['myname']))
{
  // the variable is set
}

这些mysql_*函数也已弃用,我建议您切换到 PDO 或 mysqli 中的准备好的语句。

于 2012-08-20T01:57:22.240 回答