PHP登录脚本不起作用
[英]PHP Login script not working
问题描述
I have two users in a database, and when i try login it just stays on the index page. 
我在数据库中有两个用户,当我尝试登录时,它只停留在索引页面上。 If one user is in the database, you can login fine, but with two users it just redirects to the index page. 如果一个用户在数据库中,您可以正常登录,但有两个用户,它只是重定向到索引页面。 Whats the issue. 是什么问题。
<?php
include("connect.php");
$username = $_POST["username"];
$password = $_POST["password"];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
echo $username;
echo $password;
if (empty($_POST['username']) || empty($_POST['password']))
{
//$_SESSION["login_error"] = "1";
echo 'error code 1';
header ('Location: ../index.php');
}
//$password = sha1($password);
$sql = "SELECT * FROM users";
$result = mysql_query($sql);
if (!$result) die('Invalid query: ' . mysql_error());
$userid = "";
while ($row3 = mysql_fetch_array($result, MYSQL_ASSOC))
{
if(($username == $row3["username"]) && ($password == $row3["password"]))
{
$userid = $row3["id"];
$_SESSION["userid"] = $userid;
//$online = mysql_query("UPDATE numbers SET online='1' WHERE id='".$userid."'")
//or die(mysql_error());
//$type = mysql_query("UPDATE numbers SET type='facetime' WHERE id='".$userid."'")
//or die(mysql_error());
echo $userid;
echo 'error code 2';
header ('Location: ../control_panel.php');
}
else
{
$userid = "";
$_SESSION["userid"] = "";
header ('Location: ../index.php');
echo 'error code 3';
}
//debug
//echo $password;
//$useridvar = $_SESSION["userid"];
//echo $useridvar;
}
if ($_SESSION["userid"]=="")
{
header ('Location: ../index.php');
echo 'error code 4';
}
//else
//{
// $userid = "";
// $_SESSION["userid"]= "";
// header ('Location: ../login.php');
//}
?>
6 个解决方案
解决方案1
4 已采纳 2011-07-29 09:14:11
Your code is very bad. 你的代码非常糟糕。 You are looping through the entire users table? 您正在遍历整个用户表? That's awful. 那是糟糕的。 Try this: 尝试这个:
<?php
include("connect.php");
$username = $_POST["username"];
$password = $_POST["password"];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
if (empty($_POST['username']) || empty($_POST['password']))
{
header ('Location: ../index.php?emptyusernameorpassword');
die();
}
$result = mysql_query("SELECT * FROM users where username = '".$username."' and password = '".$password."' LIMIT 1") or die('Invalid query: ' . mysql_error());
$row3 = mysql_fetch_assoc($result);
if(mysql_num_rows($result) != 0)
{
$_SESSION["userid"] = $row3["id"];
header ('Location: ../control_panel.php');
die();
}
else
{
$_SESSION["userid"] = "";
header ('Location: ../index.php?invaliduserorpassword');
die();
}
?>
解决方案2
3 2011-07-29 09:41:14
Well, other answers already point to your main mistake: "Don't output anything before sending headers". 好吧,其他答案已经指出了你的主要错误:“在发送标题之前不要输出任何内容”。 Develroot also says that you should not loop through all the records of users table. Develroot还说你不应该遍历用户表的所有记录。
But if you are still interested in the reason why with two users you are redirected to the index, then this is the answer: 但是, 如果您仍然对两个用户重定向到索引的原因感兴趣 ,那么这就是答案:
In your loop you planned that you will loop through all the records of the users table, and if you find the right one, you will redirect to the right place, and if you find a bad one, you redirect to the index. 在循环中,您计划循环遍历users表的所有记录,如果找到正确的记录,则会重定向到正确的位置,如果发现错误的记录,则会重定向到索引。
So, depending on the order of the records in the table, your code usually does this: 因此,根据表中记录的顺序,您的代码通常会执行以下操作:
- record 1: good user? 记录1:好用户? Yes. 是。 Then set "Location" to "panel" 然后将“位置”设置为“面板”
- record 2: good user? 记录2:好用户? No. Overwrite the "Location", set to "index". 否。覆盖“位置”,设置为“索引”。
If you would break your loop after finding the good user, your code would work. 如果你在找到好用户后打破你的循环,你的代码就可以了。 (Inefficiently, but would work). (效率不高,但会奏效)。
Of course, you really should design this procedure in the way Develroot suggests. 当然,你真的应该像Develroot建议的那样设计这个程序。
解决方案3
2 2011-07-29 09:14:34
Your calls to the header() function are preceded by calls to echo() . 您对header()函数的调用之前是对echo()调用。 As far as I know, adding HTTP headers will not work if your script generated output before. 据我所知,如果您的脚本之前生成输出,则添加HTTP标头将不起作用。 Also, I think that the Location HTTP header requires an absolute path beginning with http:// or / . 另外,我认为Location HTTP标头需要一个以http://或/开头的绝对路径。 Then you should probably add exit() calls right after your calls to header() to prevent any other header information from being added later on. 然后你应该在调用header()之后立即添加exit()调用,以防止以后添加任何其他头信息。
解决方案4
1 2011-07-29 09:13:51
You cannot have output before issuing a 'header' command. 在发出'header'命令之前,您无法输出。
Also you need to issue an 'exit' straight after the header command. 你还需要在header命令后直接发出'exit'。
解决方案5
0 2011-07-29 09:37:46
i can't see where you called session_start(); 我看不到你调用session_start()的位置; this should be the first line in ur code if you want to use $_session['var'] in any script, you should start session first using session_start(), then every header() call should be followed by 'exit;' 如果你想在任何脚本中使用$ _session ['var'],这应该是ur代码中的第一行,你应该首先使用session_start()启动会话,然后每个header()调用都应该跟'exit;' without '' ie exit; 没有'即退出; else the script will continue to execute and won't load the link specified in the header. 否则脚本将继续执行,并且不会加载标头中指定的链接。
解决方案6
-1 2011-07-29 09:17:36
Have you checked your error logs? 你检查过错误日志了吗?
You're echoing text and then sending headers, this wont work. 你回复文本,然后发送标题,这不会工作。
Make sure in your php.ini you've set display_errors 1 And at the top of your file error_reporting(-1); 确保在php.ini中设置了display_errors 1并在文件的顶部error_reporting(-1);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.