Fatal编程技术网

Javascript 登录未执行

javascript php jquery html

Javascript 登录未执行,javascript,php,jquery,html,Javascript,Php,Jquery,Html,我已经创建了一个登录页面,但它不起作用。 我的HTML是: <form name="form" class="login-form" method="POST"> <input type="text" placeholder="username" name="userID" id="userID"/> <input type="password" placeholder="password" id="password" name="p

我已经创建了一个登录页面,但它不起作用。 我的HTML是:

   <form name="form" class="login-form" method="POST"> 
      <input type="text" placeholder="username" name="userID" id="userID"/>
      <input type="password" placeholder="password" id="password" name="password"/>
      <input type="button" id="login" name="login" value="login" onclick="redirect()"></input>
我的JS是:

        <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
         <script type="text/javascript">
        $(document).ready(function redirect(){
        $("#login").click(function(){
        var user = $('#userID').val(); 
        var passwrd = $('#password').val();
        if (user === '' || passwrd === ''){
        alert("Please Fill Required Fields");
        } 
else{
        <?php confirm();?>
        var userID="<?php echo $username?>";
        var pwd="<?php echo $pwd?>";
        if(userID===user && pwd===passwrd)
        {
        window.location.href = 'http://localhost/Annapoorna/Welcome_Page.php';
        }
        else
      {
         alert("Please enter correct username and password!");
      }
        }
    });
});
</script>


$(文档).ready(函数重定向(){
$(“#登录”)。单击(函数(){
var user=$('#userID').val();
var passwrd=$('#password').val();
如果(用户==''| |密码==''){
警告(“请填写必填字段”);
} 
否则{
var userID=“”;
var pwd=“”;
if(userID==user&&pwd===passwrd)
{
window.location.href=http://localhost/Annapoorna/Welcome_Page.php';
}
其他的
{
警报(“请输入正确的用户名和密码!”);
}
}
});
});
PHP是:

 <?php
      function confirm(){
        try{
        $username="";
        $pwd="";
        $pword="";
        $servername = "localhost";
        $conusername = "root";
        $conpassword = "";
        $dbname = "annapoorna";
        $dsn='mysql:dbname='.$dbname.';host='.$servername;
        $conn = new PDO($dsn, $conusername, $conpassword);
        $get_pass=$_POST(['password']);
         if(!empty($get_pass))
         {
        $sqlselect='Select * from users where password=:pass';
        $sth=$conn->prepare($sqlselect);
        $sth->execute(array(':pass'=>$get_pass));
        foreach ($sth->fetchAll() as $row) {
        $username=$row['username'];
        $pwd=$row['password'];
        }
        }
        } 
catch(PDOException $e){
    echo "Error: " . $e->getMessage();
     }}
   ?>
它仅适用于针对“:pass”的查询中输入的静态密码值。为什么它不能动态工作? 所以我认为问题在于从前端获取数据。
祈祷吧,告诉我什么恶魔在我的密码上盘旋

使用js或jquery提交表单。尝试如下更新您的代码

if(userID===user && pwd===passwrd)
{
    document.getElementById("formid").submit();
}
在php中,删除大括号,更改

$get_pass=$_POST(['password']);

你可以这样用

<form name="form" class="login-form" method="POST"> 
      <input type="text" placeholder="username" name="userID" id="userID"/>
      <input type="password" placeholder="password" id="password" name="password"/>
      <input type="button" id="login" name="login" value="login" onclick="redirect()"></input>
</form>
<script type="text/javascript">
$(document).ready(function redirect(){
    $("#login").click(function(){
        var user = $('#userID').val(); 
        var passwrd = $('#password').val();
        if (user === '' || passwrd === ''){
            alert("Please Fill Required Fields");
        } 
        else {
            $.ajax({
                url: "validate.php",
                type: "post",
                data : {
                    username: user,
                    password: passwrd
                },
                success: function(data){
                    alert(data);
                    if(data=="ok"){
                        window.location.href="http://localhost/Annapoorna/Welcome_Page.php";
                    }
                }
            });
        }
    });
});
</script>


$(文档).ready(函数重定向(){
$(“#登录”)。单击(函数(){
var user=$('#userID').val();
var passwrd=$('#password').val();
如果(用户==''| |密码==''){
警告(“请填写必填字段”);
} 
否则{
$.ajax({
url:“validate.php”,
类型:“post”,
数据:{
用户名:user,
密码:passwrd
},
成功:功能(数据){
警报(数据);
如果(数据==“正常”){
window.location.href=”http://localhost/Annapoorna/Welcome_Page.php";
}
}
});
}
});
});
并验证.php文件

<?php
$servername = "localhost";
$conusername = "root";
$conpassword = "";
$dbname = "annapoorna";
$dsn='mysql:dbname='.$dbname.';host='.$servername;
$conn = new PDO($dsn, $conusername, $conpassword);

$username=$_POST['username'];
$password=$_POST['password'];       

$sqlselect="Select * from users where username='".$username."' and password='".$password."'";
$sth=$conn->prepare($sqlselect);
$sth->execute();

$status="";
foreach ($sth->fetchAll() as $row) {
    $status="ok";
}
echo $status;
?>

旁注,您不应该以明文形式存储密码。查看
password\u hash()
password\u verify()
让我们不用担心安全性。它首先应该工作,你应该使用AJAX。不能直接从javascript调用PHP函数。@VineetBasantani是的,没错,无论如何,密码安全性都被高估了。你应该编辑你的问题,如果有新问题,不应该发布新问题。你正在演示一个引入sql注入的脚本。@mani j如果php和脚本都在同一个文件中,我应该为“url:”写些什么?以validate.php的名称创建新的php文件,并让我们看看。

<?php
$servername = "localhost";
$conusername = "root";
$conpassword = "";
$dbname = "annapoorna";
$dsn='mysql:dbname='.$dbname.';host='.$servername;
$conn = new PDO($dsn, $conusername, $conpassword);

$username=$_POST['username'];
$password=$_POST['password'];       

$sqlselect="Select * from users where username='".$username."' and password='".$password."'";
$sth=$conn->prepare($sqlselect);
$sth->execute();

$status="";
foreach ($sth->fetchAll() as $row) {
    $status="ok";
}
echo $status;
?>