[英]PHP - First time login page
我正在尝试建立一个网站,该网站将知道用户之前是否已登录该网站。 MYSQL表具有用户名,密码和firstLogin字段。 firstLogin字段是一个整数字段,如果用户尚未登录,则包含1,如果用户过去已登录,则包含2。
登录sysetm登录并启动一个会话,因为它应该这样做,因此,我确定计数返回的值为1。即使firstfirstin整数设置为,我遇到的问题是网站直接进入了homepage.php。 1.在执行更新操作以将整数更改为2.的同时,网站应该会使用welcome.php。我已经盯着它大约一周了。 希望能对您有所帮助。
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST ['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT username, password,firstLogin FROM $tbl_name WHERE username='".$myusername."' and password= sha1('".$mypassword."'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
$row = mysql_fetch_array($result);
print_r($row);
exit;
if ($row ['firstLogin']=="1")
{
$sql2 ="UPDATE $tbl_name SET firstLogin = '2' WHERE username ='".$myusername."'";
session_start();
session_register("myusername");
session_register("mypassword");
header("welcome.php");
}
else
{
session_start();
session_register("myusername");
session_register("mypassword");
header("location:home.php");
}
}else
{
echo "Wrong Username or Password";
}
?>
if ($row ['firstLogin']="1") // wrong
您正在做作业。 应该是一个比较。
if ($row ['firstLogin'] == "1") // right
用于检索用户数据的查询中也存在错误。
// -- This is wrong, missing the ending parenthesis, and will not run.
$sql="SELECT username, password,firstLogin FROM $tbl_name WHERE
username='".$myusername."' and password= sha1('".$mypassword."'";
// -- This includes the ending parenthesis, and should run.
$sql="SELECT username, password,firstLogin FROM $tbl_name WHERE
username='".$myusername."' and password= sha1('".$mypassword."')";
除了Jeff Parker的修复程序之外,我建议您将会话启动代码提取到函数中,以免重复代码。 我已经看到您的代码引入了复制和粘贴错误。
另外,考虑到该行将返回整数而不是字符串,我认为$row['firstLogin'] == 1
是可以接受的。
if ($row ['firstLogin']=="1")
{
$sql2 ="UPDATE $tbl_name SET firstLogin = '2' WHERE username ='".$myusername."'";
session_start();
session_register("myusername"); //!! This is possibly an error, you're saving myusername as opposed to $myusername
session_register("mypassword"); // Same as above
header("welcome.php"); // This is possibly an error since the header is missing the "location:" part
}
else
{
session_start();
session_register("myusername");
session_register("mypassword");
header("location:home.php");
}
可以变成
if ($row ['firstLogin']=="1")
{
$sql2 ="UPDATE $tbl_name SET firstLogin = '2' WHERE username ='".$myusername."'";
start_session_and_redirect('welcome.php');
}
else
{
start_session_and_redirect('home.php');
}
然后放置一个功能...
function start_session_and_redirect($location){
session_start();
session_register("myusername"); // I'm also wondering if that's supposed to be $myusername instead of "myusername...
session_register("mypassword");
header("location:$location");
}
如果php不能自动修复它,则上面的代码中可能有一个错误,其中welcome.php前面没有“ location:”,这可以通过具有重复功能的函数来完全防止,您应该始终希望从代码中消除。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.