Php 使用数据库记录注册成功,但无法登录
我不能总是登录。登录失败,即使输入正确,而且我可以在数据库中看到它Php 使用数据库记录注册成功,但无法登录,php,mysql,pdo,Php,Mysql,Pdo,我不能总是登录。登录失败,即使输入正确,而且我可以在数据库中看到它 <?php require "konfig.php"; $errors = array(); if($_SERVER['REQUEST_METHOD'] == 'POST'){ if(preg_match("/\S+/", $_POST['fname']) === 0){ $errors['fname'] = "* First Name is required.";
<?php
require "konfig.php";
$errors = array();
if($_SERVER['REQUEST_METHOD'] == 'POST'){
if(preg_match("/\S+/", $_POST['fname']) === 0){
$errors['fname'] = "* First Name is required.";
}
if(preg_match("/\S+/", $_POST['lname']) === 0){
$errors['lname'] = "* Last Name is required.";
}
if(preg_match("/.+@.+\..+/", $_POST['email']) === 0){
$errors['email'] = "* Not a valid e-mail address.";
}
if(preg_match("/.{8,}/", $_POST['password']) === 0){
$errors['password'] = "* Password Must Contain at least 8 Chanacters.";
}
if(strcmp($_POST['password'], $_POST['confirm_password'])){
$errors['confirm_password'] = "* Password do not much.";
}
if (!isset($_POST['gen'])) {
$errors['gen'] = "specify your gender";
}
else {
$gen = ($_POST['gen']);
}
if(count($errors) === 0){
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$gen = $_POST['gen'];
$password = hash('sha256', $_POST['password']);
function createSalt(){
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}
$salt = createSalt();
$password = hash('sha256', $salt . $password);
$qt = "SELECT * FROM members WHERE email = '$email'";
$search =$dbc->prepare($qt);
$search->bindParam(':email',$email);
$search->execute();
$num_row = $search->rowCount();
if($num_row >= 1){
$errors['email'] = "Email address is unavailable.";
}else{
$sql = $dbc->prepare ("insert into members(fname,lname,email,salt,password,gen) values (:fname, :lname, :email, :salt, :password,:gen)");
$sql->bindParam(':fname',$fname);
$sql->bindParam(':lname',$lname);
$sql->bindParam(':email',$email);
$sql->bindParam(':salt',$salt);
$sql->bindParam(':password',$password);
$sql->bindParam(':gen',$gen);
$sql->execute();
$successful = "<h3> You are successfully registered.</h3>";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<link type="text/css" rel="stylesheet" href="css/style.css">
<title></title>
</head>
<body>
<div id="container">
<div class="login">
<form method="post" action="login.php">
<table>
<tr>
<td><h1>E-mail</h1></td>
<td><h1>Password</h1></td>
</tr>
<tr>
<td><input type="text" name="login_email" id="login_email"></td>
<td><input type="password" name="login_password" id="login_password"></td>
<td><input type="submit" name="submit" id="login" value="Login"></td>
</tr>
<tr>
<td colspan="3"><?php if(isset($_GET['message'])){ echo "<h2>" .$_GET['message']. "</h2>"; } ?></td>
</tr>
</table>
</form>
</div>
<div class="form">
<form method="post" action="index.php">
<table>
<tr>
<td colspan="2"><?php if(isset($successful)){ echo $successful; } ?></td>
</tr>
<tr>
<td><input type="text" name="fname" id="fname" placeholder="First Name" value="<?php if(isset($_POST['fname'])){echo $_POST['fname'];} ?>"></td>
<td><input type="text" name="lname" id="lname" placeholder="Last Name" value="<?php if(isset($_POST['lname'])){echo $_POST['lname'];} ?>"></td>
</tr>
<tr>
<td><?php if(isset($errors['fname'])){echo "<h2>" .$errors['fname']. "</h2>"; } ?></td>
<td><?php if(isset($errors['lname'])){echo "<h2>" .$errors['lname']. "</h2>"; } ?></td>
</tr>
<tr">
<td colspan="2"><input type="text" name="email" id="email" placeholder="E-mail Address" value="<?php if(isset($_POST['email'])){echo $_POST['email'];} ?>"></td>
</tr>
<tr>
<td colspan="2"><?php if(isset($errors['email'])){echo "<h2>" .$errors['email']. "</h2>"; } ?></td>
</tr>
<tr>
<td colspan="2"><input type="password" name="password" id="pw" placeholder="Password"></td>
</tr>
<tr>
<td colspan="2"><?php if(isset($errors['password'])){echo "<h2>" .$errors['password']. "</h2>"; } ?></td>
</tr>
<tr>
<td colspan="2"><input type="password" name="confirm_password" id="cpw" placeholder="Confirm Password">
</tr>
<tr>
<td colspan="2"><?php if(isset($errors['confirm_password'])){echo "<h2>" .$errors['confirm_password']. "</h2>"; } ?></td>
</tr>
<tr>
<td><b>SEX</b></td>
<td>
<input type="radio" name="gen" <?php if (isset($gender) && $gender=="male") echo "checked";?> value="male" id= "rgm">Male
<input type="radio" name="gen" <?php if (isset($gender) && $gender=="female") echo "checked";?> value="female" id="rgf">Female
<td colspan="2"><?php if(isset($errors['gen'])){echo "<h2>" .$errors['gen']. "</h2>"; } ?></td>
</td>
</tr>
<td><input type="submit" name="submit" id="submit" value="Sign Up"></td>
</tr>
</table>
</form>
</div>
<div class="footer"></div>
</div>
</body>
</html>
session_start();
$email = $_POST['login_email'];
$password = $_POST['login_password'];
require "konfig.php";
$sql = "SELECT password, salt FROM members WHERE email = :email";
$query = $dbc->prepare($sql);
$query->bindParam(':email',$email);
$query->execute();
$rows = $query->rowCount();
if($rows < 1) {
$message = "Login Failed!";
header("location: index.php?message=". $message);
}
$row = $query->fetch(PDO::FETCH_ASSOC);
$hash = hash('sha256', $row['salt'] . hash('sha256', $password) );
if($hash != $row['password']){
$message = "Login Failed!";
header("location: index.php?message=". $message);
}else{
session_regenerate_id ();
$_SESSION['email'] = $email;
header("location: home.php");
}
?>
<html>
<head>
<body>
am alwas getin登录失败,请提供帮助。此时打印($row)和生成的哈希是什么意思?还有,@blub我真的不明白你说的话你建议我做什么?或者我应该在哪里修改?@jay我应该使用什么方式…但我不认为这会阻止它登录