-1

我有一个登录脚本。它检查我的数据库的用户表以查看这些值是否存在。我在表中添加了一个“close_account”列来控制是否允许用户登录。如果“close_account”=1,他们无法登录,如果“close_account”=0,那么他们可以登录。

我已经有一个 if / else 语句显示使用的登录凭据是否无效(即它们在数据库中不存在)所以我需要额外检查“close_account”标志,以便我可以向告诉他们他们的帐户已被禁用的用户。

这可能吗?

这是我现有的代码:

// Check database to see if email and the hashed password exist there.
            $query = "SELECT id, email, close_account ";
            $query .= "FROM ptb_users ";
            $query .= "WHERE email = '{$email}' ";
            $query .= "AND password = '{$hashed_password}' ";
            $query .= "AND close_account = '0' ";
            $query .= "LIMIT 1";
            $result_set = mysql_query($query);
            confirm_query($result_set);

redirect_to("dashboard.php");
            } else {
                // email/password combo was not found in the database
                $message = "<div class=\"infobox\"><strong>Email/Password combination incorrect.</strong><br />
                    Please make sure your caps lock key is off and try again.</div>";
            }
4

3 回答 3

0

好的,这是我的答案

$query = mysql_query("select * from ptb_users where WHERE email = '".$_POST['email']."' and password = '".$_POST['password']."' ")
while($check_account = mysql_fetch_array($query))
{
  $email_check = $check_account['email'];
  $pass_check = $check_account['password'];//whatever if this is hashed_password i dunno
  $blocked_acc = $check_account['close_account'];
}   
if($block_acc == 1) //or what ever your specs in the database are
{
 echo "Your Account has been blocked";
}
else if($email_check != $_POST['email'] && $pass_check != $_POST['password'])
{
 echo "Invalid E-mail or Password";
}

http://www.jaywebtechnologies.co.cc

于 2012-10-27T15:35:30.933 回答
0

用下面的方式重写你的逻辑。

 //confirm_query($result_set);
 if(mysql_num_rows($result_set) > 0) {
       redirect_to("dashboard.php");
  } else {
            // email/password combo was not found in the database
            $message = "<div class=\"infobox\"><strong>Email/Password combination incorrect.</strong><br />
                Please make sure your caps lock key is off and try again.</div>";
  }
于 2012-10-27T15:20:36.243 回答
0

在查询的 where 子句中没有 close_account ,然后在验证详细信息正确时对其进行测试。

$q = "SELECT id, email, close_account 
        FROM ptb_users 
       WHERE email = '$email'
         AND password = '$hashed_password'";

$results = mysql_query($q);
$user    = mysql_fetch_assoc($results);

if(!empty($user))
{
    if($user['close_account']) // If close_account is 1
    {
        // Display error, showing that account is closed.
    }
    else // If close_account is 0
    {
        redirect_to('dashboard.php');
    }
}
else 
{
    // Display error, showing that bad credentials were entered.
}
于 2012-10-27T15:22:23.793 回答