尝试登录我的站点时,脚本返回 Im 使用了错误的用户名或密码。
index.html 的负责人:
<?php
session_start();
require_once 'classes/Membership.php';
$membership = new Membership();
if ($_POST && !empty ($_POST['username']) && !empty ($_POST['password'])) {
$response = $membership->validate_user($_POST['username'], $_POST['password']);
}
?>
index.html 中的表格:
<div class="login" id="register">
<form method="POST" action="" accept-charset="utf-8">
<fieldset>
<p>
<label for="username">Username</label><br />
<input type="text" name="username" value="" id="username">
</p>
<p>
<label for="password">Password</label><br />
<input type="password" name="password" value="" id="password">
</p>
</fieldset>
<input type="submit" class="button" value="Sign in">
</form>
</div>
<?php if(isset($response)) echo "<p class = 'error-msg'>" .$response.".</p>"; ?>
会员资格.php
<?php
require 'MySQL.php';
class Membership
{
function validate_user($username, $password)
{
$mysql = new MySQL();
$ensure_credentials = $mysql->verify_in_db($username,md5($password));
if ($ensure_credentials)
{
$_SESSION['status'] = 'authorized';
header("location: index_member.php");
}
else return "Please enter a correct username and password";
}
}
MySQL.php
<?php
require_once 'includes/constants.php';
class MySQL
{
private $conn;
function __construct()
{
$this->conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME)
or die ('There was a problem connecting to the database.');
}
function verify_in_db($username, $password)
{
$query = "SELECT *
FROM users
WHERE username = ? AND password = ?
LIMIT 1";
if ($stmt = $this->conn->prepare($query))
{
$stmt->bind_param('ss', $username, $password);
$stmt->execute();
if ($stmt->fetch())
{
$stmt->close();
return true;
}
}
}
}
常量.php
<?php
// Define constants
define ('DB_SERVER', 'localhost');
define ('DB_USER', 'root');
define ('DB_PASSWORD', '');
define ('DB_NAME', 'membership');
没有数据库密码,不要混淆。xampp 上的标准数据库。我尝试使用的凭据是 100% 正确的,sql 常量也是如此。