0

我有一个登录脚本,当表单重定向时它只是显示一个空白屏幕,有什么想法吗?我对 PHP 很陌生,所以一般对脚本的任何评论都会很棒。

非常感谢您的帮助!

<?php
session_start(); //must call session_start before using any $_SESSION variables
$username = $_POST['username'];
$password = $_POST['password'];
//connect to the database here

require_once('../Connections/PropSuite.php');
mysql_select_db($database_PropSuite, $PropSuite);

$username = mysql_real_escape_string($username);
$query = "SELECT password, salt
        FROM users
        WHERE username = '$username';";
$result = mysql_query($query);
if(mysql_num_rows($result) < 1) //no such user exists
{
    header('Location: index.php');
    die();
}
$userData = mysql_fetch_array($result, MYSQL_ASSOC);
$hash = hash('sha256', $userData['salt'] . hash('sha256', $password) );
if($hash != $userData['password']) //incorrect password
{
    header('Location: index.php');
    die();
}
else
{
    validateUser(); //sets the session data for this user
}
//redirect to another page or display "login success" message


?>
4

2 回答 2

0

您的代码中可能存在解析错误,并且您关闭了错误报告。

解决方案:

把它放在你的标题中,看看错误,纠正它们。完成后将其删除——在生产环境中这是不可取的。

error_reporting(E_ALL & ~E_NOTICE);
ini_set('display_errors', TRUE);
ini_set('display_startup_errors', TRUE);
于 2012-10-22T19:28:26.773 回答
0

我认为你错过了重定向,除非你在 validateUser() 函数中有它。如果没有,您可以执行以下任一操作:

else
{
   validateUser(); //sets the session data for this user
}
//redirect to another page or display "login success" message
header('Location: your-desired-login-location.php');
die();
?>

或者..

else
{
   validateUser(); //sets the session data for this user
   header('Location: your-desired-login-location.php');
   die();
}
//redirect to another page or display "login success" message

?>
于 2012-10-22T20:15:26.037 回答