我似乎无法获取用户信息来验证。我与服务器建立了连接,因为我可以将信息转储到数组 print_r 中并查看它。这是我正在使用的代码。我可以在表单中输入数据,当我点击提交时,什么也没有发生。它从字段中清除数据,仅此而已。似乎刷新了页面。没有成功或拒绝结果。
登录:
function login()
{
print '<div class="container">';
print'<form class="form-horizontal"> ';
print' <div class="control-group">';
print' <style>margin: 100px,auto;</style>';
print "<form action=\"validation.php\" method=\"POST\" >";
print' <label class="control-label" for="inputUsername">Username</label>';
print' <div class="controls">';
print' <input type="text" id="inputUsername" placeholder="Username">';
print' </div>';
print' </div>';
print' <div class="control-group">';
print' <label class="control-label" for="inputPassword">Password</label>';
print' <div class="controls">';
print' <input type="text" id="inputPassword" placeholder="Password">';
print' </div>';
print' </div>';
print' <div class="control-group">';
print' <div class="controls">';
print' <label class="checkbox">';
print' <input type="checkbox"> Remember me';
print' </label>';
print' <button type="submit" class="btn">Sign in</button>';
print' </div>';
print' </div>';
print'</form>';
print' </div>';
}
/*** begin our session ***/
session_start();
include ('includes/common.php');
/*** check if the users is already logged in ***/
if(isset( $_SESSION['user_id'] ))
{
$message = 'Users is already logged in';
}
/*** check that both the username, password have been submitted ***/
if(!isset( $_POST['inputUsername'], $_POST['inputPassword']))
{
$message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['inputUsername']) > 20 || strlen($_POST['inputUsername']) < 4)
{
$message = 'Incorrect Length for Username';
}
/*** check the password is the correct length ***/
elseif (strlen( $_POST['inputPassword']) > 20 || strlen($_POST['inputPassword']) < 4)
{
$message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['inputUsername']) != true)
{
/*** if there is no match ***/
$message = "Username must be alpha numeric";
}
/*** check the password has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['inputPassword']) != true)
{
/*** if there is no match ***/
$message = "Password must be alpha numeric";
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$inputUsername = filter_var($_POST['inputUsername'], FILTER_SANITIZE_STRING);
$inputPassword = filter_var($_POST['inputPassword'], FILTER_SANITIZE_STRING);
/*** now we can encrypt the password ***/
$inputPassword = sha1( $inputPassword );
//DB Connection
try
{
$dbh=new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
/*** $message = a message saying we have connected ***/
/*** set the error mode to excptions ***/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** prepare the select statement ***/
$stmt = $dbc->prepare("SELECT middleclik, inputUsername, inputPassword FROM middleclik
WHERE inputUsername = :inputUsername AND inputPassword = :inputPassword");
/*** bind the parameters ***/
$stmt->bindParam(':inputUsername', $inputUsername, PDO::PARAM_STR);
$stmt->bindParam(':inputPassword', $inputPassword, PDO::PARAM_STR, 40);
/*** execute the prepared statement ***/
$stmt->execute();
/*** check for a result ***/
$user_id = $stmt->fetchColumn();
/*** if we have no result then fail boat ***/
if($user_id == false)
{
print "Login Failed";
}
/*** if we do have a result, all is well ***/
else
{
/*** set the session user_id variable ***/
$_SESSION['user_id'] = $user_id;
/*** tell the user we are logged in ***/
print "You are now logged in";
}
}
catch(Exception $e)
{
/*** if we are here, something has gone wrong with the database ***/
$message = 'We are unable to process your request. Please try again later"';
}
}