登录 PHP:用户级别使用 MYSQL 在单页登录
[英]Login PHP: User Level Login in single page using MYSQL
问题描述
sorry if what I'm about to ask is something really basic, but I've been stuck on this for two weeks.
抱歉,如果我要问的是非常基本的问题,但我已经坚持了两个星期。
I have a login page where User can login to my website.我有一个登录页面,用户可以在其中登录我的网站。 Different user's role will be prompt to different pages.不同用户的角色将被提示到不同的页面。 Now, the login is fine, but when my user key in wrong password or username, there's no warning triggered and user stays on the blank login.php page when user supposed to be redirected back at index.php and warning is triggered.现在,登录很好,但是当我的用户输入错误的密码或用户名时,没有触发警告并且用户停留在空白登录。php 页面当用户应该被重定向回 index.php 并触发警告时。
Below is my code下面是我的代码
login form (index.php)登录表单(index.php)
<div class="login-box-body"> <form method="post" action="login.php"> <div class="form-group has-feedback"> <input type="username" name="username" class="form-control" placeholder="Username"> <span class="glyphicon glyphicon-user form-control-feedback"></span> </div> <div class="form-group has-feedback"> <input type="password" name="password" class="form-control" placeholder="Password"> <span class="glyphicon glyphicon-lock form-control-feedback"></span> </div> <div class="row"> <div class="col-xs-8"> </div> <.-- /.col --> <div class="col-xs-4"> <button class="btn btn-primary btn-block btn-flat" type="submit" name="login" value="true">Sign In</button> </div> <!-- /.col --> </div> </form> </div>
and here my back end script (login.php)这里是我的后端脚本(login.php)
<?php session_start(); $conn=mysqli_connect('localhost','root','','snapshot'); //Getting Input value if(isset($_POST['login'])){ $username=mysqli_real_escape_string($conn,$_POST['username']); $password=mysqli_real_escape_string($conn,$_POST['password']); if(empty($username)&&empty($password)){ $error= 'Fields are Mandatory'; }else{ //Checking Login Detail $result=mysqli_query($conn,"SELECT*FROM user WHERE username='$username' AND password='$password'"); $row=mysqli_fetch_assoc($result); $count=mysqli_num_rows($result); if($count==1){ $_SESSION['user']=array( 'id' =>$row['id'], 'username'=>$row['username'], 'uname'=>$row['uname'], 'password'=>$row['password'], 'role'=>$row['role'] ); $role=$_SESSION['user']['role']; //Redirecting User Based on Role switch($role){ case 'user': header('location:user/dashboard.php'); break; case 'management': header('location:management/index.php'); break; case 'admin': header('location:admin/index.php'); break; } }else{ $error='Your PassWord or UserName is not Found'; } } }?>
and before asking I already read few similar questions and find no solutions.在问之前,我已经阅读了一些类似的问题,但没有找到解决方案。 Thank you in advance for the help.预先感谢您的帮助。
1 个解决方案
解决方案1
1 已采纳 2020-04-22 03:56:47
At the end of login.php you're setting the value of $error to Your PassWord or UserName is not Found - however nothing further is happening.在 login.php 结束时,您将 $error 的值设置为Your PassWord 或 UserName is not Found - 但是没有进一步发生。
Your switch that redirects the user only comes into play if the user is found in the database, on a side note here you should be encrypting the users password and comparing the hashes.仅当在数据库中找到用户时,重定向用户的开关才会起作用,在旁注中,您应该加密用户密码并比较哈希值。
To solve your issue, try doing something like the following:要解决您的问题,请尝试执行以下操作:
} else {
$error='Your PassWord or UserName is not Found';
header('location:login.php?error=' . $error);
}
Then in your login form you can simply check for the error message and display it:然后在您的登录表单中,您可以简单地检查错误消息并显示它:
<?php if(isset($_GET['error'])): ?>
<div><?= $_GET['error'] ?></div>
<?php endif ?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.