[英]javascript/jquery code to obtain the form # of the form in which the user has selected some text
[英]Modifying the HTML code using Javascript which has some php variables for the Login Form
我在尝试创建登录表单时遇到以下问题。 当用户输入错误的用户ID /密码时,将显示一个小的引导警报。
正确输入凭据后,将对其进行重定向,但输入错误的详细信息后,将重新加载页面。
<?php
$db=mysqli_connect('localhost','root','','hotel');
if(isset($_POST['user_id'])) {
session_start();
$user_id = $_POST['user_id'];
$password = $_POST['password'];
$user_check = "select * from users where user_id = '$user_id' and password ='$password'";
$result = mysqli_query($db, $user_check)
or die("failed to query database" . mysqli_error());
$row = mysqli_fetch_array($result);
if ($row['user_id'] == $user_id && $row['password'] == $password) {
$_SESSION['user_id'] = $_POST['user_id'];
header('Location: reservation.php');
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Login</title>
<link rel="stylesheet" href="login_style.css">
<link rel="stylesheet" href="css/bootstrap.css">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body class="carousel-example-generic">
<div class="container">
<div class="loginbox form-group bg-dark">
<div class="text-light">
<h1 class="text-center" style="padding-bottom: 5px">LOGIN</h1>
<form id="loginForm" action="" method="post" >
<p class="font-weight-bold">User ID</p>
<input type="text" id="user_id" name="user_id" placeholder="Enter Username" required>
<br><br>
<p class="font-weight-bold">Password</p>
<input type="password" id="password" name="password" placeholder="Enter Password" required>
<br><br><br>
<div id="alertLogin" class="alert-danger" style="visibility:hidden">
<p>The User ID or the Password is incorrect</p>
</div>
<input id="loginButton" type="submit" name="submit" value="Login">
<br>
</form>
</div>
</div>
</div>
<script>
$(document).ready(function(e) {
e.preventDefault();
window.history.back();
var a1 = <?php $row['user_id']?>;
var b1 = <?php $row['password']?>;
var a2 = $('#user_id').val();
var b2 = $('#password').val();
if (a1 != a2 || b1 != b2) {
$('#alertLogin').attr('style', 'visibility:visible');
}
})
</script>
</body>
</html>
检查更新的代码:
<?php
$db=mysqli_connect('localhost','root','','hotel');
if(isset($_POST['user_id'])) {
session_start();
$user_id = $_POST['user_id'];
$password = $_POST['password'];
$user_check = "select * from users where user_id = '$user_id' and password ='$password'";
$result = mysqli_query($db, $user_check)
or die("failed to query database" . mysqli_error());
$row = mysqli_fetch_array($result);
if ($row['user_id'] == $user_id && $row['password'] == $password) {
$_SESSION['user_id'] = $_POST['user_id'];
header('Location: reservation.php');
}
else
{?>
<script>
alert("Wrong user name or password");
</script>
<?php
}
}
?>
window.history.back(); 是在每次到达页面时重新加载页面,您打算在这里做什么? 此外,下面的代码对我来说似乎不起作用,如果页面已重新加载#user_id和#password没有值,则行var a1 = <?php $ row ['user_id']?>; 要工作,您应该将php代码包装在引号之间,否则js会将其解释为变量。 我不知道a1,a2,b1和b2之间的比较是否有意义,登录并没有因为这些值不相等而失败,而是因为数据库中的值与用户输入的内容。 最后一件事,您应该在将密码保存到数据库之前对其进行加密,并使用mysql_real_escape_string()避免注入问题。
这是一种可能的解决方案(未经测试)
<?php session_start(); $db=mysqli_connect('localhost','root','','hotel'); $login_error = false; if(isset($_POST['user_id'])) { $user_id = mysql_real_escape_string($_POST['user_id']); $password = mysql_real_escape_string($_POST['password']); $user_check = "select 1 from users where user_id = '$user_id' and password ='$password'"; $result = mysqli_query($db, $user_check) or die("failed to query database" . mysqli_error()); if ( mysqli_num_rows($result) > 0 ) { $_SESSION['user_id'] = $_POST['user_id']; header('Location: reservation.php'); }else { $login_error = true; } } ?> <!DOCTYPE html> <html lang="en"> <head> <title>Login</title> <link rel="stylesheet" href="login_style.css"> <link rel="stylesheet" href="css/bootstrap.css"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> </head> <body class="carousel-example-generic"> <div class="container"> <div class="loginbox form-group bg-dark"> <div class="text-light"> <h1 class="text-center" style="padding-bottom: 5px">LOGIN</h1> <form id="loginForm" action="" method="post" > <p class="font-weight-bold">User ID</p> <input type="text" id="user_id" name="user_id" placeholder="Enter Username" required> <br><br> <p class="font-weight-bold">Password</p> <input type="password" id="password" name="password" placeholder="Enter Password" required> <br><br><br> <?php if($login_error){ ?> <div id="alertLogin" class="alert-danger" style="visibility:hidden"> <p>The User ID or the Password is incorrect</p> </div> <?php } ?> <input id="loginButton" type="submit" name="submit" value="Login"> <br> </form> </div> </div> </div> </body> </html>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.