0

尝试登录我的站点时,脚本返回 Im 使用了错误的用户名或密码。

index.html 的负责人:

<?php
session_start();
require_once 'classes/Membership.php';
$membership = new Membership();
if ($_POST && !empty ($_POST['username']) && !empty ($_POST['password'])) {
$response = $membership->validate_user($_POST['username'], $_POST['password']);
}
?>

index.html 中的表格:

    <div class="login" id="register">
     <form method="POST" action="" accept-charset="utf-8">
      <fieldset>
       <p>
        <label for="username">Username</label><br />
        <input type="text" name="username" value="" id="username">
       </p>
       <p>
        <label for="password">Password</label><br />
        <input type="password" name="password" value="" id="password">
       </p>
      </fieldset>
      <input type="submit" class="button" value="Sign in">
     </form>
    </div>
<?php if(isset($response)) echo "<p class = 'error-msg'>" .$response.".</p>"; ?>

会员资格.php

<?php
require 'MySQL.php';

    class Membership
    {
        function validate_user($username, $password)
        {
            $mysql = new MySQL();
            $ensure_credentials = $mysql->verify_in_db($username,md5($password));

            if ($ensure_credentials)
            {
                $_SESSION['status'] = 'authorized';
                header("location: index_member.php");
            }
            else return "Please enter a correct username and password";
        }
    }

MySQL.php

<?php
require_once 'includes/constants.php';

    class MySQL
        {
            private $conn;

            function __construct()
            {
             $this->conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME) 
             or die ('There was a problem connecting to the database.');
            }

            function verify_in_db($username, $password)
            {
                $query = "SELECT * 
                                FROM users
                                WHERE username = ? AND password = ?
                                LIMIT 1";
                if ($stmt = $this->conn->prepare($query))
                {
                $stmt->bind_param('ss', $username, $password);
                $stmt->execute();

                    if ($stmt->fetch())
                    {
                        $stmt->close();
                        return true;
                    }
                }
            }
        }

常量.php

<?php
// Define constants

define ('DB_SERVER', 'localhost');
define ('DB_USER', 'root');
define ('DB_PASSWORD', '');
define ('DB_NAME', 'membership');

没有数据库密码,不要混淆。xampp 上的标准数据库。我尝试使用的凭据是 100% 正确的,sql 常量也是如此。

4

1 回答 1

-1

可能是因为您所说的密码。它的

'密码'

但它应该是这样的,因为 MD5

'fglsdgjdfnfjlsmg905760657604657604jtvymwy'
于 2013-03-30T17:32:40.580 回答