用户登录不起作用?
[英]User login won't work?
问题描述
The database is working, but when I try to login with the info I signed up with it just tells me information is incorrect as I told it to say that but I know info is right. 
该数据库正在运行,但是当我尝试使用该信息登录时,我所注册的信息只是告诉我信息不正确,因为我告诉它说那是正确的,但我知道该信息是正确的。 I do not see a problem below so any help is 100% appreciated. 我在下面没有看到任何问题,因此我们非常感谢您的帮助。 Please note Im new to coding to. 请注意我是编码新手。 If you need to see more code I can post. 如果您需要查看更多代码,我可以发布。 Also I am only using md5 as I was told to sub that in for now and it should work but still nope. 而且我只是在使用md5,因为被告知要sub,现在应该可以,但是仍然不行。
Thanks! 谢谢!
//User login
if (isset($_POST["user_login"]) && isset($_POST["password_login"])) {
$user_login = preg_replace('#[^A-Za-z0-9]#i', ' ', $_POST["user_login"]); // filter everything but numbers and letters
$password_login = preg_replace('#[^A-Za-z0-9]#i', ' ', $_POST["password_login"]); // filter everything but numbers and letters
$password_login_md5 = md5($password_login);
$sql = mysql_query("SELECT id FROM users WHERE username='$user_login' AND password='$password_login_md5 LIMIT 1"); // query
//Check for their existence
$valid = md5($password, $hash) === $hash;
if ($userCount == 1) {
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["user_login"] = $user_login;
header("location: home.php");
exit();
} else {
echo 'That information is incorrect, try again';
exit();
}
}
?>
<div style="width: 800px; margin: 0px auto 0px auto;">
<table>
<tr>
<td width="60%" valign="top">
<h2>Already a member? Sign in below!</h2>
<form action="index.php" method="POST">
<input type="text" name="user_login" size="25" placeholder="Username" /><br /><br />
<input type="text" name="password_login" size="25" placeholder="Password" /><br /><br />
<input type="submit" name="login" size="25" value="Login!" />
Sign up form. 签署表格。
<?php include ( "./inc/header.inc.php" ); ?>
<?php
$reg = @$_POST['reg'];
//declaring variables to prevent errors
$fn = ""; //First Name
$ln = ""; //Last Name
$un = ""; //Username
$em = ""; //Email
$em2 = ""; //Email 2
$pswd = ""; //Password
$pswd2 = ""; //Password 2
$d = ""; //Sighn up date and time
$u_check = ""; // Check if username exists
//registration form
$fn = strip_tags(@$_POST['fname']);
$ln = strip_tags(@$_POST['lname']);
$un = strip_tags(@$_POST['username']);
$em = strip_tags(@$_POST['email']);
$em2 = strip_tags(@$_POST['email2']);
$pswd = strip_tags(@$_POST['password']);
$pswd2 = strip_tags(@$_POST['password2']);
$d = date("Y-m-d"); //Year - Month - Day
if ($reg) {
if ($em==$em2) {
// Check if user already exists
$u_check = mysql_query("SELECT username FROM users WHERE username='$un' ");
// Count the amount of rows where username - $un
$check = mysql_num_rows($u_check);
if ($check == 0) {
// Check all of the fields have been filed in
if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) {
// Check that passwords match
if ($pswd==$pswd2) {
// Check the maximum length of username/first name/last name does not exceed 25 characters
if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) {
echo "The maximum limit for username/first name/last name is 25 characters!";
}
else
{
// Check the maximum length of password does not exceed 30 characters and is not less than 5 characters
if (strlen($pswd)>30||strlen($pswd)<5) {
echo "Your password must be between 5 and 30 characters long!";
}
else
{
//encrypt password and password 2 using md5 before sending to database
$pswd = md5($pswd);
$pswd2 = md5($pswd2);
$query = mysql_query("INSERT INTO users VALUES (' ','$un','$fn','$ln','$em','$pswd','$d','0')");
die("<h2>Welcome to YouBook</h2>Login to your account to get started!");
}
}
}
else {
echo "Your passwords don't match!";
}
}
else
{
echo "Please fill in all of the fields!";
}
}
else
{
echo "Username already taken!";
}
}
else {
echo "Your E-mails don't match!";
}
}
Edit (03/30/2014) 编辑(03/30/2014)
All new code put together. 所有新代码放在一起。
<?php include ( "./inc/header.inc.php" ); ?>
<?php
$reg = @$_POST['reg'];
//declaring variables to prevent errors
$fn = ""; //First Name
$ln = ""; //Last Name
$un = ""; //Username
$em = ""; //Email
$em2 = ""; //Email 2
$pswd = ""; //Password
$pswd2 = ""; //Password 2
$d = ""; //Sighn up date and time
$u_check = ""; // Check if username exists
//registration form
$fn = strip_tags(@$_POST['fname']);
$ln = strip_tags(@$_POST['lname']);
$un = strip_tags(@$_POST['username']);
$em = strip_tags(@$_POST['email']);
$em2 = strip_tags(@$_POST['email2']);
$pswd = strip_tags(@$_POST['password']);
$pswd2 = strip_tags(@$_POST['password2']);
$d = date("Y-m-d"); //Year - Month - Day
if ($reg) {
if ($em==$em2) {
// Check if user already exists
$u_check = mysql_query("SELECT username FROM users WHERE username='$un' ");
// Count the amount of rows where username - $un
$check = mysql_num_rows($u_check);
if ($check == 0) {
// Check all of the fields have been filed in
if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) {
// Check that passwords match
if ($pswd==$pswd2) {
// Check the maximum length of username/first name/last name does not exceed 25 characters
if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) {
echo "The maximum limit for username/first name/last name is 25 characters!";
}
else
{
// Check the maximum length of password does not exceed 30 characters and is not less than 5 characters
if (strlen($pswd)>30||strlen($pswd)<5) {
echo "Your password must be between 5 and 30 characters long!";
}
else
{
//encrypt password and password 2 using md5 before sending to database
$pswd = md5($pswd);
$pswd2 = md5($pswd2);
$query = mysql_query("INSERT INTO users VALUES (' ','$un','$fn','$ln','$em','$pswd','$d','0')");
die("<h2>Welcome to YouBook</h2>Login to your account to get started!");
}
}
}
else {
echo "Your passwords don't match!";
}
}
else
{
echo "Please fill in all of the fields!";
}
}
else
{
echo "Username already taken!";
}
}
else {
echo "Your E-mails don't match!";
}
}
if (isset($_POST["user_login"]) && isset($_POST["password_login"])) {
// filter everything but numbers and letters
$user_login = strip_tags($_POST['user_login']);
$password_login = strip_tags($_POST["password_login"]);
// md5 to hide the password
$password_login_md5 = md5($password_login);
// check for user in the database
$sql = mysql_query("SELECT id FROM users WHERE username='$user_login' AND password='$password_login_md5' LIMIT 1");
// checck how many results were found
$usercount = mysql_num_rows($sql);
if ($userCount == 1) {
// if there's only one row, you don't need a while loop as it will only loop once anyway.
$row = mysql_fetch_array($sql);
// set the ID of the user
$id = $row["id"];
// set the user login to session
$_SESSION["user_login"] = $user_login;
// redirect user and exit
header("location: home.php");
exit();
} else {
// a user was not found with that password, show an error
echo 'That information is incorrect, try again.';
exit();
}
}
?>
<div style="width: 800px; margin: 0px auto 0px auto;">
<table>
<tr>
<td width="60%" valign="top">
<h2>Already a member? Sign in below!</h2>
<form action="index.php" method="POST">
<input type="text" name="user_login" size="25" placeholder="Username" /><br /><br />
<input type="text" name="password_login" size="25" placeholder="Password" /><br /><br />
<input type="submit" name="login" size="25" value="Login!" />
</form>
</td>
<td width="40%" valign="top">
<h2>Sign Up Below!</h2>
<form action="index.php" method="POST">
<input type="text" name="fname" size="25" placeholder="First Name" /><br /><br />
<input type="text" name="lname" size="25" placeholder="Last Name" /><br /><br />
<input type="text" name="username" size="25" placeholder="Username" /><br /><br />
<input type="text" name="email" size="25" placeholder="Email Address" /><br /><br />
<input type="text" name="email2" size="25" placeholder="Email Address (again)" /><br /><br />
<input type="text" name="password" size="25" placeholder="Password" /><br /><br />
<input type="text" name="password2" size="25" placeholder="Password (again)" /><br /><br />
<input type="submit" name="reg" size="25" value="Sign Up!" />
</form>
</td>
</tr>
</table>
<?php include ( "./inc/footer.inc.php" ); ?>
1 个解决方案
解决方案1
1 2014-03-29 00:00:52
0) You're missing the closing quote on your password -> 0)您缺少密码的右引号->
$sql = mysql_query("SELECT id FROM users WHERE username='$user_login' AND password='$password_login_md5' LIMIT 1"); // query
1) $userCount doesn't seem to be defined anywhere. 1) $userCount似乎没有在任何地方定义。
$usercount = mysql_num_rows($sql);
1f ($userCount == 1) {...}
It helps to keep your code clean as well, especially when you're learning. 它还有助于保持代码的清洁,尤其是在学习时。 Try this. 尝试这个。
if (isset($_POST["user_login"]) && isset($_POST["password_login"])) {
// filter everything but numbers and letters
$user_login = preg_replace('#[^A-Za-z0-9]#i', ' ', $_POST["user_login"]);
$password_login = preg_replace('#[^A-Za-z0-9]#i', ' ', $_POST["password_login"]);
// md5 to hide the password
$password_login_md5 = md5($password_login);
// check for user in the database
$sql = mysql_query("SELECT id FROM users WHERE username='$user_login' AND password='$password_login_md5' LIMIT 1");
// checck how many results were found
$usercount = mysql_num_rows($sql);
if ($userCount == 1) {
// if there's only one row, you don't need a while loop as it will only loop once anyway.
$row = mysql_fetch_array($sql);
// set the ID of the user
$id = $row["id"];
// set the user login to session
$_SESSION["user_login"] = $user_login;
// redirect user and exit
header("location: home.php");
exit();
} else {
// a user was not found with that password, show an error
echo 'That information is incorrect, try again';
exit();
}
}
EDIT 编辑
One more tip.. 还有一点提示
Check your query for errors 检查您的查询是否有错误
$sql = mysql_query("SELECT id FROM users WHERE username='$user_login' AND password='$password_login_md5' LIMIT 1") or die(mysql_error());
you may have misspelled something or not even be connected to the database at all. 您可能拼错了什么,甚至根本没有连接到数据库。
EDIT II 编辑二
You have to handle the username and password exactly the way you handle it your sign up form, if you strip_tags the password before inserting it then you have to strip_tags it before you check it. 您必须完全按照注册表单中的方式来处理用户名和密码,如果在插入密码之前先strip_tags密码,则必须先对其进行strip_tags 。 If you preg_replace it in the login form, but didn't in the sign up form then of course it will be different. 如果您将preg_replace为登录表单,但未将其preg_replace为注册表单,那么当然会有所不同。
you need to remove these lines 您需要删除这些行
$user_login = preg_replace('#[^A-Za-z0-9]#i', ' ', $_POST["user_login"]);
$password_login = preg_replace('#[^A-Za-z0-9]#i', ' ', $_POST["password_login"]);
and replace them with 并替换为
$user_login = strip_tags($_POST['user_login']);
$password_login = strip_tags($_POST["password_login"]);
Don't forget to hit the check mark by my answer. 别忘了按我的答案打勾。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
登录将无法正常运行PHP - Login won't work properly PHP
Codeigniter登录页面不起作用 - Codeigniter login page won't work
来自数据库的php用户登录将无法登录 - php user login from database won't login
编辑用户模式无效: - Edit User Modal won't work :?
PHP简单的登录系统,将无法正常工作 - PHP Simple login system that just won't work
登录后为什么标头重定向不起作用? - Why won't header redirect work after login?
没有数据库的 PHP 登录 - 为什么这样的方法不起作用? - PHP Login without database - Why approach like this won't work?
为什么我的Gmail登录无法使用PHP和CURL? - Why won't my Gmail login work using PHP and CURL?
登录页面让我感到困惑,为什么不能正常工作? - Login page is baffling me, why won't this work?
为什么我的ajax登录脚本不起作用? - Why does my ajax login script won't work?
相关标签