0

有谁知道可能出了什么问题?我已经尝试了一切,搜索了一切,但一无所获。可能只是有一个我看不到的错字。

函数类

function validate_credentials($user_name, $user_password) {
    $user_name      = mysql_real_escape_string($user_name);
    $user_password  = sha1($user_password);

    $result = mysql_query("SELECT `user_id` FROM `users` WHERE `user_name` = '{$user_name}' AND `user_password` = '{$user_password}'");

    if (mysql_num_rows($result) !== 1) {
        return false;
    }

    return mysql_result($result, 0);
}

班级

include('./core/user.inc.php');

if (isset($_POST['user_name'], $_POST['user_password'])) {
    if (($user_id = validate_credentials($_POST['user_name'], $_POST['user_password'])) != false) {
        $_SESSION['user_id'] = $user_id;

        header('Location: ./messages/');

        die();
    }
}

这是我的 HTML:

<form method="post" action="./sign-in.php">
    <input type="text" name="user_name" id="user_name" placeholder="Username" />
    <input type="password" name="user_password" id="user_password" placeholder="Password" />
    <input type="submit" placeholder="Confirm Password" value="Sign in" />
</form>
4

2 回答 2

0

你可以试试

$user_id = validate_credentials($_POST['user_name'], $_POST['user_password'])

if($user_id){
  $_SESSION['user_id'] = $user_id;  blahblah}
于 2013-08-25T08:02:37.203 回答
0 
function validate_credentials($user_name, $user_password) {
   $user_name = trim(mysql_real_escape_string($user_name));
   $user_password = trim(mysql_real_escape_string(sha1($user_password)));

   $result = @mysql_query("SELECT user_id FROM users WHERE user_name = '".$user_name."' AND user_password = '".$user_password."'");

   if (mysql_num_rows($result) != 1) {
      return false;
   }
   return mysql_result($result, 0);

}

include('./core/user.inc.php');

if (isset($_POST['user_name']) && isset($_POST['user_password'])) {
   $user_id = validate_credentials($_POST['user_name'], $_POST['user_password']);
   if ($user_id) {
      $_SESSION['user_id'] = $user_id;
      header('Location: ./messages/');
      die();
   }
}
于 2013-08-30T08:09:23.697 回答