使用php进行html表单验证
我已经创建了一个html表单,它有注册和登录。首先,我想注册用户使用注册表,然后让他登录,然后重定向到另一个页面。为此,我将php与apachexampp服务器一起使用。注册面板工作正常,但当我尝试登录时,数据库中添加了黑色列 我的html代码是这样的使用php进行html表单验证,php,html,Php,Html,我已经创建了一个html表单,它有注册和登录。首先,我想注册用户使用注册表,然后让他登录,然后重定向到另一个页面。为此,我将php与apachexampp服务器一起使用。注册面板工作正常,但当我尝试登录时,数据库中添加了黑色列 我的html代码是这样的 <form method="POST" action="yoga_signup.php"> <div class="row" style=" margin-top:4rem; mar
<form method="POST" action="yoga_signup.php">
<div class="row" style=" margin-top:4rem; margin-left:24rem;">
<div class="col-md-6 mx-auto p-0">
<div class="card">
<div class="login-box">
<div class="login-snip"> <input id="tab-1" type="radio" name="tab" class="sign-in" checked><label for="tab-1" class="tab">Login</label> <input id="tab-2" type="radio" name="tab" class="sign-up"><label for="tab-2" class="tab">Sign Up</label>
<div class="login-space">
<div class="login">
<input type="hidden" name="for_page" value="login">
<div class="group"> <label for="user" class="label">Username</label> <input id="user" type="text" class="input" name="username" placeholder="Enter your username" > </div>
<div class="group"> <label for="pass" class="label">Password</label> <input id="pass" type="password" name="password_1" class="input" data-type="password" placeholder="Enter your password" > </div>
<div class="group"> <input id="check" type="checkbox" class="check" checked> <label for="check"><span class="icon"></span> Keep me Signed in</label> </div>
<div class="group"> <input type="submit" class="button" value="Sign In"> </div>
<div class="hr"></div>
</div>
<div class="sign-up-form">
<input type="hidden" name="for_page" value="signup">
<div class="group"> <label for="user" class="label">Username</label> <input id="user" type="text" name="username" class="input" placeholder="Create your Username"> </div>
<div class="group"> <label for="pass" class="label">Password</label> <input id="pass" type="password" name="password_1" class="input" data-type="password" placeholder="Create your password" > </div>
<div class="group"> <label for="pass" class="label">Repeat Password</label> <input id="pass" type="password" name="password_2" class="input" data-type="password" placeholder="Repeat your password"> </div>
<div class="group"> <label for="pass" class="label">Email Address</label> <input id="pass" type="text" class="input" name="email" placeholder="Enter your email address" > </div><br>
<div class="group"> <input type="submit" class="button" value="Sign Up"> </div>
<div class="hr"></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</form>
我的php代码如下
<?php
session_start();
$conn= new mysqli("localhost","root","","yoga");
if($_SERVER["REQUEST_METHOD"]=="POST"){
$TypeOfRequest=$_POST['for_page'];
if($TypeOfRequest=="signup"){
$user=$_POST['username'];
$pass_1=$_POST['password_1'];
$pass_2=$_POST['password_2'];
$mail=$_POST['email'];
if($pass_1===$pass_2){
$val=" INSERT INTO yoga_login(username,password_1,password_2,email) VALUES('$user','$pass_1','$pass_2','$mail')";
if($conn->query($val)===TRUE){
header('Location: login.html');
}else{
echo "registration unsucessfull";
}
}
if($pass_1!==$pass_2){
echo "please enter the same password";
}
}
$TypeofRequest = $_POST['for_page'];
if($TypeofRequest=="login"){
$user=$_POST['username'];
$pass_1=$_POST['password_1'];
$sql="SELECT * FROM yoga_login WHERE username='$user' AND password='$pass_1'";
$RunQuery = mysqli_query($conn,$sql);
$CheckNumberOfUsers = mysqli_num_rows($RunQuery);
//echo $CheckNumberOfUsers;
if($CheckNumberOfUsers==1){
$_SESSION['username'] = $user;
header('location:blogs.html');
}else{
echo "invalid credential";
}
}
mysqli_close($conn);
}
您可以在文件开头的yoga_signup.php中转储发送的内容:
die('<pre>' . print_r($_POST, true) . '</pre>');
所以for_页面字段的值是signup,我按下了signin按钮
然后返回HTML文件,您可以看到您对请求使用了相同的表单,因此对于第二个表单,您将覆盖第一个for_页面值
因此,您应该创建2个表单,并将其设置为:
Array
(
[for_page] => login
[username] => asdf
[password_1] => asdf
)
有助于改进代码的旁注:
密码应该在数据库中加密
mysql查询易受SQL注入攻击
第二个密码字段过去是必需的,因为如果输入类型是password,那么您就看不到字符,因此它就像是用户的校对,以确保您不会错过密码。因此,您不需要将其存储在数据库中,而是使用它来检查第一个字段中的写入是否正确。
使用
在重定向之前关闭mysql连接
我在代码的登录部分发现了一些问题
您应该使用数据库中的现有密码字段,而不是SQL查询字符串中的密码字段;例如,密码_1字段
替换它并修复一些小问题,再加上一些美化,您将获得登录部分的以下代码:
好啊首先,忘记msqli,使用PDO。不知道这一点,你能帮我更详细地了解吗way@CodewizardPDO是mysqli的替代品,通常被认为是更好的替代品。人们还创建了一些包装器类,使PDO的使用更加容易。有几十种,但我个人推荐免责声明:我是GrumpyPDOnot getting what I Wanted的作者每当我登录时都会显示以下错误警告:mysqli_num_rows期望参数1为mysqli_result,第38行C:\xampp\htdocs\yoga\u signup.php中给出的bool无效凭证我应该将php更改置于登录的if条件之上这一行php代码只是为了帮助您调试应用程序。由于出现了一个新错误,php代码中似乎又出现了一个问题。尽快查看ya'plz帮助,thnk youI也为您添加了php代码的修复程序。您所需要做的就是替换登录的if用例,这样您就完成了。
<div class="row" style=" margin-top:4rem; margin-left:24rem;">
<div class="col-md-6 mx-auto p-0">
<div class="card">
<div class="login-box">
<div class="login-snip">
<input id="tab-1" type="radio" name="tab" class="sign-in" checked>
<label for="tab-1" class="tab">Login</label>
<input id="tab-2" type="radio" name="tab" class="sign-up">
<label for="tab-2" class="tab">Sign Up</label>
<div class="login-space">
<form method="POST" action="yoga_signup.php">
<div class="login">
<input type="hidden" name="for_page" value="login">
<div class="group">
<label for="user" class="label">Username</label>
<input id="user" type="text" class="input" name="username" placeholder="Enter your username" >
</div>
<div class="group">
<label for="pass" class="label">Password</label>
<input id="pass" type="password" name="password_1" class="input" data-type="password" placeholder="Enter your password" >
</div>
<div class="group">
<input id="check" type="checkbox" class="check" checked>
<label for="check">
<span class="icon">
</span> Keep me Signed in
</label>
</div>
<div class="group"> <input type="submit" class="button" value="Sign In"> </div>
<div class="hr"></div>
</div>
</form>
<form method="POST" action="yoga_signup.php">
<div class="sign-up-form">
<input type="hidden" name="for_page" value="signup">
<div class="group"> <label for="user" class="label">Username</label> <input id="user" type="text" name="username" class="input" placeholder="Create your Username"> </div>
<div class="group"> <label for="pass" class="label">Password</label> <input id="pass" type="password" name="password_1" class="input" data-type="password" placeholder="Create your password" > </div>
<div class="group"> <label for="pass" class="label">Repeat Password</label> <input id="pass" type="password" name="password_2" class="input" data-type="password" placeholder="Repeat your password"> </div>
<div class="group"> <label for="pass" class="label">Email Address</label> <input id="pass" type="text" class="input" name="email" placeholder="Enter your email address" > </div><br>
<div class="group"> <input type="submit" class="button" value="Sign Up"> </div>
<div class="hr"></div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
Array
(
[for_page] => login
[username] => asdf
[password_1] => asdf
)
if($TypeofRequest=="login"){
$username = $_POST['username'];
$password = $_POST['password_1'];
$sql="SELECT * FROM yoga_login WHERE username='{$username}' AND password_1='{$password}'";
$result = $conn->query($sql);
$conn->close();
if (empty($result)) {
die('invalid credentials');
}
$_SESSION['username'] = $user;
header('location:blogs.html');
die();
}