0

好的,我正在通过 AJAX 进行登录页面。出于某种奇怪的原因。下面的 AJAX POST 页面。

<?php
require_once($_SERVER['DOCUMENT_ROOT'].'/lib/user.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/lib/db.php');
$db = dblogin();

$email = $_POST['email'];
$pass = $_POST['pass'];
$query = "SELECT *  FROM `user` WHERE `email`='".$email."'";

$res = $db->query($query);
if($res->num_rows!='0'){
    if($res->num_rows=='1'){
        $list=$res->fetch_assoc();
    }
}else{
    $list = false;
}
$invalid = <<<_END

<form>
<table>
    <caption>Invalid credentials, please try again.</caption>
    <tr>
        <td>Email:</td><td><input type='email' id='email' name='email' /></td>
    </tr>
    <tr>
        <td>Password:</td><td><input type='password' id='password' name='password' /> </td>
    </tr>
    <tr><td colspan='2' align='center'><input type='button' onclick="login()" value="Log In"></td></tr>
</table>
</form>

_END;


//if the return is false, this executes, which states that the email is not found
//and prompts for a new login
/*if ($list == false){
    $query = "INSERT INTO `failloglog` (`ip`,`email`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".$email."')";
    $db = dblogin();
    $db->query($query);
    echo $invalid;
}*/

//otherwise, it compares the passwords
//else{
    if (pass_compare($pass,$list['password'])){
        cookify($email);
        echo "success";
    }
    else{
        //$query = "INSERT INTO `failloglog` (`ip`,`email`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".$email."')";
        //$db = dblogin();
        //$db->query($query);
        echo $invalid;
    }
//}



?>

而不是只给我$invalid,而是console.log(response)给我一个完全格式化的 html 页面,页面在这里https://www.dropbox.com/s/hmejactu54891p6/response.txt

这是 jQuery 调用。

function login()
{
    var email = $('#email').val();
    var pass = $('#password').val();
    $('#login').html('<img src="img/pleasewait.gif" id="pleasewait"/>');
    $.ajax({
        url: "http://$location/lib/ajax/login.php",
        type: "POST",
        data:{
            email: email,
            pass: pass
        }
    })
    .always(function(response){
        console.log(response);
        if(response=="success"){
            location.href = "http://$location/home.php";
        }
        else{
            $('#login').html(response);
        }
    });
}

有什么建议么?

4

1 回答 1

0

它原来是我用于 cookie 验证的另一个 php 文件中的另一个块。

//Prevents not logged in people from getting to inner pages

if (($page != " - Login Page") AND ($page !=" - Confirm Account") AND ($page !=" - User Account Creation") AND (!ISSET($_COOKIE['key'])))
{
    header("Location: http://$location");
}

这是我稍后将不得不返回以重新检查我的方法的方法。好在我计划随着时间的推移更新这个网站/平台。

于 2013-06-19T14:51:03.700 回答