当用户登录时,他们被重定向到 member.php,下面是登录代码,后面是 member.php 代码。
登录.php
<?php
session_start ();
include 'core/init.php';
$username = '';
$password = '';
$dbusername = '';
$dbpassword = '';
if (isset($_POST['Email']) && isset($_POST['Password']))
{
$username = $_POST['Email'];
$password = md5($_POST['Password']);
$query = mysql_query("SELECT * FROM member WHERE Email ='$username' AND Password='$password'");
$numrow = mysql_num_rows ($query);
// user login
if ($numrow!=0)
{
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['Email'];
$dbpassword = $row['Password'];
}
//Check to see if they match
if ($username==$dbusername&&$password==$dbpassword)
{
$_SESSION ['Email']=$username;
header("Location: member.php");
}
}
else
{
// admin login
$query2 = mysql_query("SELECT * FROM admin WHERE Email ='$username' AND Password ='$password'");
$numrow2 = mysql_num_rows ($query2);
if ($numrow2!=0)
{
while ($row = mysql_fetch_assoc($query2))
{
$dbusername = $row['Email'];
$dbpassword = $row['Password'];
}
//Check to see if they match
if ($username==$dbusername&&$password==$dbpassword)
{
$_SESSION ['Email']=$username;
header("Location: admin.php");
}
else{
echo "Incorrect password";
}
}
else{
if ($username!=$dbusername&&$password!=$dbpassword)
{die("That user does not exist!");
}
}
}
}
/*if ($numrow2!=0)
{
while ($row = mysql_fetch_assoc($query2))
{
$dbusername = $row['Email'];
if ($username!=$dbusername)
{die("That user does not exist!");
}
}
}
else
die("Please enter your email address and password");
*/
?>
member.php 代码(我知道这很乱。抱歉,现在只需要让它工作)
<div id="header">
<div id= "logout">
<?php
if(isset($_GET['username']) === true & empty ($_GET['username']) === false)
$username = $_GET ['username'];
if (user_exists($username) === true) {
echo "<p>Welcome, ".$_SESSION['Email']. "!<br><a href='logout.php'>Logout</a>\n<a href='index.php'>Back to homepage</a></p>";
?></div>
</div>
<div id="main-content">
<?php
//get username from user id
$MemberID = user_id_from_username($username);
$profile_data =user_data($MemberID, 'Name','Email');//Need to pull out stuff from oddjob table
?>
<h1><?php echo $profile_data['Name']; ?>'s profile</h1>
<p><?php echo $profile_data['Email'];?></p>
<?php
} else {
echo '<p>Sorry, cannot find that user on system.</p>';
}
?>
目前我已经设置了 member.php,这样如果我在 URL 中输入用户名(即用户的电子邮件地址),它就会显示一些特定于该用户的个人资料数据。
但是,当我以用户身份登录并重定向到 member.php 时,我只看到一个空白页面,并且用户名没有显示在 URL 中,只是一条错误消息显示该用户的“未定义变量:用户名”和我不知道如何编辑它以使其正常工作并将成员发送到他们自己的个人资料页面。
相关函数如下:functions.php
function logged_in() {
return (isset($_SESSION['MemberID'])) ? true : false; //Email
}
function user_data($MemberID){
$data = array();
$MemberID =(int)$MemberID;
$func_num_args = func_num_args();
$func_get_args = func_get_args();
if ($func_num_args >1) {
unset($func_get_args[0]);
$fields = '`' . implode('`,`', $func_get_args) . '`';
$data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `member` WHERE `MemberID` = $MemberID"));//expects parameter 1 to be resourse
return $data;
}
}
function user_id_from_username($username) {
$username = sanitize($username);
return mysql_result(mysql_query("SELECT `MemberID` FROM `member` WHERE `Email` = '$username'"),0, 'MemberID');
初始化.php:
if (logged_in() ===true) {
$session_MemberID = $_SESSION['MemberID'];//undefined?
$user_data= user_data($session_MemberID,'MemberID','Name','Address','Postcode','DOB','Mobile','Email','Password','RepeatPassword');
exit();
}
老实说,我已经看这段代码很久了,我完全不知道如何解决这个问题。如果可以的话请帮忙。
索引.php
<div id= "login">
<form action="login.php" method="post">
<?php
if (logged_in() === true) {
echo "<p>Welcome, ".$_SESSION['Email']. "!<br><a href='logout.php'>Logout</a>";
}else
echo"<h4>Username: <input type='text' name='Email'><br>
Password: <input type='Password' name='Password'>
<input type='submit' value='Log In'><br>
<a href='register2.php'>Register?</a>
</form>"
?>