2

我是 php 新手,并试图开发一个登录脚本,但是当我输入值时它不起作用。我什至找不到错误,因为当我点击提交时,它只会刷新页面

这是我的代码

<?php include "../utilities/config.php"; 

foreach($_GET as $key=>$value)
{
${$key} = trim($value);
}
$error = '';
if($checking_member_availability == 'yes'){
if(empty($user_name)){
    $error .= "Please enter user name.<br />";
}
if(empty($password)){
    $error .= "Please enter password.<br />";
}
if(empty($error)){
        $sql = "select * from `".SITE_TABLE_PREFIX."user` where     email='".$user_name."' and pwd='".$password."'";
        $resultUser  = mysql_query($sql) or die(mysql_error().$sql);
        if(mysql_num_rows($resultUser)>0){
        $rowUser  = mysql_fetch_array($resultUser);
        $error .= '';
        $_SESSION['email']=$user_name;
        }else{
        $error .= "Please check Email and Password.";
    }
}

if(empty($error)){

    echo "myaccount.php";
}
else{
    echo "<font color='#A01D49'>$error</font>";
}
}
?>

请任何人都可以帮助我我花了很多时间都没有成功

这是html代码

<script type="text/javascript" language="javascript">
function validation()
{
var password = trim(document.form1.password.value);
var user_name = trim(document.form1.user_name.value);
var type = trim(document.form1.type.value);
http.open("GET", "processor.php?checking_member_availability=yes&password="+
                    escape(password)+"&user_name="+   escape(user_name)+"&type=" + escape(type)  , true);
http.onreadystatechange = handleHttpResponse;
http.send(null);
return false;
}
</script>
</head>
<table width="241" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td><table width="100%" border="0" cellspacing="0" cellpadding="0" <?php   if($_SESSION['user_id']!=''){?> style="display:none;"<?php }?>>
              <tr>
                <td align="left" valign="top" class="loginBg">
                    <img src="img/logintxt.jpg" alt = '' width='100' height='29' border='0'>
                </td>
              </tr>
              <tr>
                <td align="left" valign="top" class="login"><form name="form1" id="form1" action="" method="post" onSubmit="return validation();">
                    <table width="100%" border="0" cellspacing="0" cellpadding="0">
                     <tr><td colspan="3"><span id="user"></span></td></tr>
                      <tr>
                        <td align="left" valign="middle" class="height"><label class="boldtxt">Email:</label></td>
                        <td align="left" valign="middle" class="heightMid"><input type="text" name="email" id="email" />
                        </td>
                      </tr>
                      <tr>
                        <td align="left" valign="middle"><label class="boldtxt">Password:</label></td>
                        <td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
                            <tr>
                              <td align="left" valign="top"><input type="password" name="password" id='password' class="loginfld" />
                              </td>
                              <td align="left" valign="middle"><input type="image" src="img/submit.jpg" class="submit" onClick="return validation();" />
                              </td>
                            </tr>
                          </table></td>
                      </tr>
                      <tr>
                        <td align="left" valign="top">&nbsp;</td>
                        <td align="left" valign="top"><a href="forget_password.php" class="normalTxt">Forgot your password?</a><br />
                        </td>
                      </tr>
                    </table>
                  </form></td>
              </tr>
            </table></td>
        </tr>
        <tr>
          <td align="left" valign="top">
          <table width="100%" border="0" cellspacing="0" cellpadding="0">
                    <tr>
                      <td align="left" valign="top"><a href="provider_registration.php"><img src="images/applybut.jpg" alt="" border="0" class="apply" /></a></td>
                    </tr>
                    <tr>
                      <td align="left" valign="top">
                      <?=$value?>
                      </td>
                    </tr>
                    <tr>
                        <td align="left" valign="top">&nbsp;</td>
                    </tr>
                    <tr>
                      <td align="left" valign="top">&nbsp;</td>
                    </tr>
                </table>
          </td>
        </tr>
      </table>
4

2 回答 2

1

好的,你有一个带有文件名的 echo 语句:

   echo "myaccount.php";

首先,你确定这是你想做的吗?我相信这会回显字符串“myaccount.php”。我相信你会想要包括“myaccount.php”

其次,您在 javascript 中引用了表单字段“user_name”,但您尝试访问的字段名称名为“email”。这也可能是问题的一部分。

于 2012-11-15T15:57:43.433 回答
0

您正在使用 form method="post",但正在寻找$_GET.

要么使用method="get",要么$_POST

正如您从评论中收集的那样,您的代码在安全性方面还有其他几个问题。不要灰心——每个人都曾经是初学者。但是,您确实应该阅读SQL 注入并停止将所有 $_GET 值分配给字符串 - 完整命名每个字符串,即:

$user_name = trim($_GET['user_name']);

祝你好运,坚持下去!

[编辑]啊,正如斯蒂芬在评论中正确指出的那样,JS 用于get提交帖子,所以实际上是“电子邮件”的字段名称是问题所在。

于 2012-11-15T15:52:57.023 回答