0

I'm trying to login on a site i made i have a registration form thats save data in a text file, then i have PHP code on my login.php page to open the file explode each line and then check the user entered a matching email and password when logging in. My problem Is I end up with a notice saying "undefined index: email" then it says username or password incorrect, even though they are correct. Do I need to declare the variable or use isset somehow to solve the problem or is there something wrong with my code?

Login.php:

<?php
if (isset($_POST['submitBtn'])){
$file = explode( "PHP_EOL", file_get_contents( "users.txt" ));

foreach( $file as $line ) {
list( $fname, $lname, $email, $userpass) = explode( "||", $line );

if( $_POST['email'] == $email && $_POST['userpass'] == $userpass ) {
// User authenticated correctly
echo "You've successfully logged in!";
echo "<br>";
echo '<a href="home.php">Member\'s Only Site!</a>';
} else {
// User did not authenticate
echo "Invalid Username or Password";
}
}
} 
?>

Regform.php

else {
    $userpass = md5($pass1);
    $fp = fopen("Text_Database\users.txt", "a");
    $savestring = $fname . "||" . $lname . "||" . $email . "||" . $userpass . "||" .PHP_EOL;
    fwrite($fp, $savestring);
    fclose($fp);
    echo 'You have successfully registered!';   
    }
   }
 ?>

Login form:

<form action="" method="post" name="loginform">
    <table width="100%">
      <tr><td>Username:</td><td> <input class="text" name="username" type="text"  /></td></tr>
      <tr><td>Password:</td><td> <input class="text" name="password" type="password" /></td></tr>
      <tr><td colspan="2" align="center"><input class="text" type="submit" name="submitBtn" value="Login" /></td></tr>
    </table>  
  </form>
4

2 回答 2

3

您正在发送用户名和密码

  <tr><td>Username:</td><td> <input class="text" name="username" type="text"  /></td></tr>
  <tr><td>Password:</td><td> <input class="text" name="password" type="password" /></td></tr>

但是您正在检查电子邮件

$_POST['email']

尝试改变

if( $_POST['email'] == $email && $_POST['userpass'] == $userpass ) {


if( $_POST['username'] == $email && $_POST['password'] == $userpass ) {

您在输入名称中设置的内容将是 POST 变量的名称。

 name="username" will be $_POST['username']
于 2013-08-01T12:34:50.340 回答
0

您的表单似乎没有将emailanduserpass字段发送到您的 Login.php。或者至少不是那些名字。

确保正确指定<input>标签的名称,如下所示:

<form method="post" action="Login.php">
   <input type="text" name="email" />
   <input type="password" name="userpass" />

   <input type="submit" name="submitBtn" value="Submit" />
</form>

此外,您应该在评估它们之前检查是否设置了emailand键(就像您对 所做的那样)。userpasssubmitBtn

if (isset($_POST['email']) && isset($_POST['userpass'])) {
    // ...
}

哦,还有最后一件事。请不要将密码保存在未加密的文本文件中。使用 bcrypt 或至少 MD5 或 SHA1 之类的东西。

于 2013-08-01T12:37:41.340 回答