Javascript 登录未执行
我已经创建了一个登录页面,但它不起作用。 我的HTML是:Javascript 登录未执行,javascript,php,jquery,html,Javascript,Php,Jquery,Html,我已经创建了一个登录页面,但它不起作用。 我的HTML是: <form name="form" class="login-form" method="POST"> <input type="text" placeholder="username" name="userID" id="userID"/> <input type="password" placeholder="password" id="password" name="p
<form name="form" class="login-form" method="POST">
<input type="text" placeholder="username" name="userID" id="userID"/>
<input type="password" placeholder="password" id="password" name="password"/>
<input type="button" id="login" name="login" value="login" onclick="redirect()"></input>
我的JS是:
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function redirect(){
$("#login").click(function(){
var user = $('#userID').val();
var passwrd = $('#password').val();
if (user === '' || passwrd === ''){
alert("Please Fill Required Fields");
}
else{
<?php confirm();?>
var userID="<?php echo $username?>";
var pwd="<?php echo $pwd?>";
if(userID===user && pwd===passwrd)
{
window.location.href = 'http://localhost/Annapoorna/Welcome_Page.php';
}
else
{
alert("Please enter correct username and password!");
}
}
});
});
</script>
$(文档).ready(函数重定向(){
$(“#登录”)。单击(函数(){
var user=$('#userID').val();
var passwrd=$('#password').val();
如果(用户==''| |密码==''){
警告(“请填写必填字段”);
}
否则{
var userID=“”;
var pwd=“”;
if(userID==user&&pwd===passwrd)
{
window.location.href=http://localhost/Annapoorna/Welcome_Page.php';
}
其他的
{
警报(“请输入正确的用户名和密码!”);
}
}
});
});
PHP是:
<?php
function confirm(){
try{
$username="";
$pwd="";
$pword="";
$servername = "localhost";
$conusername = "root";
$conpassword = "";
$dbname = "annapoorna";
$dsn='mysql:dbname='.$dbname.';host='.$servername;
$conn = new PDO($dsn, $conusername, $conpassword);
$get_pass=$_POST(['password']);
if(!empty($get_pass))
{
$sqlselect='Select * from users where password=:pass';
$sth=$conn->prepare($sqlselect);
$sth->execute(array(':pass'=>$get_pass));
foreach ($sth->fetchAll() as $row) {
$username=$row['username'];
$pwd=$row['password'];
}
}
}
catch(PDOException $e){
echo "Error: " . $e->getMessage();
}}
?>
它仅适用于针对“:pass”的查询中输入的静态密码值。为什么它不能动态工作?
所以我认为问题在于从前端获取数据。
祈祷吧,告诉我什么恶魔在我的密码上盘旋 使用js或jquery提交表单。尝试如下更新您的代码
if(userID===user && pwd===passwrd)
{
document.getElementById("formid").submit();
}
在php中,删除大括号,更改
$get_pass=$_POST(['password']);
到
你可以这样用
<form name="form" class="login-form" method="POST">
<input type="text" placeholder="username" name="userID" id="userID"/>
<input type="password" placeholder="password" id="password" name="password"/>
<input type="button" id="login" name="login" value="login" onclick="redirect()"></input>
</form>
<script type="text/javascript">
$(document).ready(function redirect(){
$("#login").click(function(){
var user = $('#userID').val();
var passwrd = $('#password').val();
if (user === '' || passwrd === ''){
alert("Please Fill Required Fields");
}
else {
$.ajax({
url: "validate.php",
type: "post",
data : {
username: user,
password: passwrd
},
success: function(data){
alert(data);
if(data=="ok"){
window.location.href="http://localhost/Annapoorna/Welcome_Page.php";
}
}
});
}
});
});
</script>
$(文档).ready(函数重定向(){
$(“#登录”)。单击(函数(){
var user=$('#userID').val();
var passwrd=$('#password').val();
如果(用户==''| |密码==''){
警告(“请填写必填字段”);
}
否则{
$.ajax({
url:“validate.php”,
类型:“post”,
数据:{
用户名:user,
密码:passwrd
},
成功:功能(数据){
警报(数据);
如果(数据==“正常”){
window.location.href=”http://localhost/Annapoorna/Welcome_Page.php";
}
}
});
}
});
});
并验证.php文件
<?php
$servername = "localhost";
$conusername = "root";
$conpassword = "";
$dbname = "annapoorna";
$dsn='mysql:dbname='.$dbname.';host='.$servername;
$conn = new PDO($dsn, $conusername, $conpassword);
$username=$_POST['username'];
$password=$_POST['password'];
$sqlselect="Select * from users where username='".$username."' and password='".$password."'";
$sth=$conn->prepare($sqlselect);
$sth->execute();
$status="";
foreach ($sth->fetchAll() as $row) {
$status="ok";
}
echo $status;
?>
旁注,您不应该以明文形式存储密码。查看password\u hash()
和password\u verify()
让我们不用担心安全性。它首先应该工作,你应该使用AJAX。不能直接从javascript调用PHP函数。@VineetBasantani是的,没错,无论如何,密码安全性都被高估了。你应该编辑你的问题,如果有新问题,不应该发布新问题。你正在演示一个引入sql注入的脚本。@mani j如果php和脚本都在同一个文件中,我应该为“url:”写些什么?以validate.php的名称创建新的php文件,并让我们看看。
<?php
$servername = "localhost";
$conusername = "root";
$conpassword = "";
$dbname = "annapoorna";
$dsn='mysql:dbname='.$dbname.';host='.$servername;
$conn = new PDO($dsn, $conusername, $conpassword);
$username=$_POST['username'];
$password=$_POST['password'];
$sqlselect="Select * from users where username='".$username."' and password='".$password."'";
$sth=$conn->prepare($sqlselect);
$sth->execute();
$status="";
foreach ($sth->fetchAll() as $row) {
$status="ok";
}
echo $status;
?>