堆栈内存溢出
  简体   繁体   English

我的登录脚本带有用户名,密码和PIN码,无法使用pin登录(以某种方式)

[英]My login script with username, password and PIN code, doesn't login with pin (Somehow)

 原文  2018-06-21 05:44:49       php/ html/ mysql/ database/ mysqli

问题描述

I got a small issue... I have my own website with a simple mysqli login script, that logs me on, whenever I type in my username, password and PIN code... 我遇到了一个小问题...我有一个自己的网站,带有一个简单的mysqli登录脚本,每当我输入用户名,密码和PIN码时,该脚本都会使我登录...

My problem is now, that I can login to my site using only username and password (without entering a PIN code...), but whenever I type in a PIN code, it has to be the right pin... 我的问题现在是,我只能使用用户名和密码(无需输入PIN码...)登录我的网站,但是每当我输入PIN码时,它都必须是正确的密码...

What can I do to solve this problem? 我该怎么做才能解决这个问题?

My code: 我的代码: 

 <?php $connect = mysqli_connect("localhost", "root", "", "testing"); session_start(); if(isset($_SESSION["username"])) { header("location:entry.php"); } if(isset($_POST["login"])) { if(empty($_POST["username"]) && empty($_POST["pin"])) { echo '<script>alert("Alle felter SKAL udfyldes!")</script>'; } else { $username = mysqli_real_escape_string($connect, $_POST["username"]); $password = mysqli_real_escape_string($connect, $_POST["password"]); $pin = mysqli_real_escape_string($connect, $_POST["pin"]); $password = sha1($password); $pin = sha1($pin); $query = "SELECT * FROM users WHERE username = '$username' AND password = '$password' AND pin = '$pin'"; $result = mysqli_query($connect, $query); if(mysqli_num_rows($result) > 0) { $_SESSION['username'] = $username; header("location:entry.php"); } else { echo '<script>alert("Forkert brugernavn, adgangskode eller pin-kode")</script>'; } } } ?> <!DOCTYPE html> <html> <head> <script> var loc = window.location.href+''; if (loc.indexOf('http://')==0){ window.location.href = loc.replace('http://','https://'); } </script> <title> MJVS - Private area. </title> <link rel="shortcut icon" href="/title_logo.png" /> <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script> <link rel="stylesheet" href="style.css" /> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script> </head> <body> <br /><br /> <div class="container" style="width:500px;"> <h3 align="center"></h3> <br /> <h3 align="center"><b>Login</b></h3> <br /> <form method="post"> <label>Enter Username</label> <input type="text" name="username" class="form-control" /> <br /> <label>Enter Password</label> <input type="password" name="password" class="form-control" /> <br /> <label>Enter PIN</label> <input type="password" name="pin" class="form-control" maxlength="4" /> <br /> <input type="submit" name="login" value="Login" class="btn btn-info" /> <br /> </form> <?php ?> </div> </body> </html>

1 个解决方案

解决方案1
 0  2018-06-21 06:14:58

Use the following code :- 使用以下代码:- 

 <?php  
   $connect = mysqli_connect("localhost", "root", "", "testing");  
   session_start();  
   if(isset($_SESSION["username"]))  
   {  
       header("location:entry.php");  
   }  

   if(isset($_POST["login"]))  
   {  
       if($_POST["username"] == '' || $_POST["pin"] == '')  
       {  
            echo '<script>alert("Alle felter SKAL udfyldes!")</script>';  
       }  
       else  
       {  
           $username = mysqli_real_escape_string($connect, $_POST["username"]);  
           $password = mysqli_real_escape_string($connect, $_POST["password"]);  
           $pin = mysqli_real_escape_string($connect, $_POST["pin"]);  
           $password = sha1($password);  
           $pin = sha1($pin);
           $query = "SELECT * FROM users WHERE username = '$username'";  
           $result = mysqli_query($connect, $query);  
           if(mysqli_num_rows($result) > 0)  
           {
                $row = mysqli_fetch_assoc($connect, $result) ;
                $pass = $row['password'] ;
                $check_pin = $row['pin'] ;

                if ($password === $pass && $pin === $check_pin){
                   $_SESSION['username'] = $username;  
                   header("location:entry.php");
                }    
           }  
           else  
           {  
                echo '<script>alert("Forkert brugernavn, adgangskode eller pin-kode")</script>';  
           }  
      }  
 }  
 ?>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 允许用户使用用户名和密码以及4位数的密码登录 - Allow user to login with a username & password & 4-digit pin code PHP登录检查用户名和密码不起作用 - PHP login check username and password code doesn't work 登录PHP脚本用户名和密码正确,但无法登录 - Login PHP script Username and password is correct, but won't login PHP登录-if(empty)$ password在我的代码中不起作用,为什么? - PHP Login - if(empty)$password doesn't work in my code, why? 登录失败。 代码不会从 phpmyadmin 窃取用户名密码 - login failure. code doesn't steal username password from phpmyadmin 尽管用户名和密码正确,PHP和Javascript登录仍无法正常工作 - PHP and Javascript Login doesn't work despite correct username and password 使用 pin 将用户登录到 Laravel - Login user into laravel using pin 需要PIN才能登录Symfony2 - Requiring a PIN to login with Symfony2 我的登录代码允许使用不同用户名但具有相同密码访问权限的用户 - My login code allows users with different username but same password access 用户登录脚本:用户可以使用任何用户名和密码登录 - User login script: Users can login with any username and password
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM