-4

我是新手程序员。我刚开始学习 php 。此时我尝试制作登录页面。对于登录,我有以下名为“index.php”的代码:

 <!-- LOGIN FORM in: admin/index.php -->
<form method="post" action="restricted.php">
    <p><label for="u_name">username:</label></p>
    <p><input type="text" name="u_name" value=""></p>

    <p><label for="u_pass">password:</label></p>
    <p><input type="password" name="u_pass" value=""></p>

    <p><button type="submit" name="go">log me in</button></p>
</form>
<!-- A paragraph to display eventual errors -->
<p><strong><?php if(isset($error)){echo $error;}  ?></strong></p>

<?php #admin/index.php 
           #####[make sure you put this code before any html output]#####

//connect to server
$dbc = mysqli_connect('localhost','root','') or 
           die('could not connect: '. mysqli_connect_error());

//select db
mysqli_select_db($dbc, 'simple_login') or die('no db connection');

//check if the login form has been submitted
if(isset($_POST['go'])){
    #####form submitted, check data...#####

        //step 1a: sanitise and store data into vars (storing encrypted password)
    $usr = mysqli_real_escape_string($dbc, htmlentities($_POST['u_name']));
    $psw = SHA1($_POST['u_pass']) ; //using SHA1() to encrypt passwords  

        //step2: create query to check if username and password match
    $q = "SELECT * FROM users WHERE name='$usr' AND pass='$psw'  ";

    //step3: run the query and store result
    $res = mysqli_query($dbc, $q);
//
    //make sure we have a positive result
    if($res!=false){
        if(mysqli_num_rows($res)== 1 ){
            #########  LOGGING IN  ##########
            //starting a session  
            session_start();

            //creating a log SESSION VARIABLE that will persist through pages   
            $_SESSION['log'] = 'in';

            //redirecting to restricted page
            header('location:restricted.php');
        } else
        {
            //create an error message   
            $error = 'Wrong details. Please try again'; 
        }
    }
}//end isset go
?> 
<!-- HTML FORM GOES HERE -->

然后我在名为 "restricted.php" 的 php 页面中编写了以下代码。该页面的代码如下:

<?php #admin/restricted.php 
           #####[make sure you put this code before any html output]#####

//starting the session
session_start();

//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
        //if the user is not allowed, display a message and a link to go back to login page
    echo "You are not allowed. <a href="index.php">back to login page</a>";

        //then abort the script
    exit();
}

/**
*      ####  CODE FOR LOG OUT #### click here to see the logout tutorial 
*/

?> 
<!-- RESTRICTED PAGE HTML GOES HERE -->

但是在提供 jusername 和密码文件后,浏览器向我显示以下错误:

 Parse error: syntax error, unexpected 'index' (T_STRING), expecting ',' or ';' in C:\xampp\htdocs\restricted.php on line 10

为什么会出现这个错误?我该如何解决这个问题?请帮帮我

4

1 回答 1

3

查看语法突出显示,您需要像这样转义 HTML 中的引号:

echo "You are not allowed. <a href=\"index.php\">back to login page</a>";

或者在整个事情周围使用单引号而不是双引号,如下所示:

echo 'You are not allowed. <a href="index.php">back to login page</a>';
于 2013-08-03T19:31:16.713 回答