Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/265.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 注册后自动登录似乎不起作用,会重定向到上次登录的用户帐户。_Php - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 注册后自动登录似乎不起作用,会重定向到上次登录的用户帐户。

Php 注册后自动登录似乎不起作用,会重定向到上次登录的用户帐户。

php

Php 注册后自动登录似乎不起作用,会重定向到上次登录的用户帐户。,php,Php,我对编程基本上是新手,我想创建一个注册表单,用户应该在其中自动登录。但是,不会直接指向他们的用户帐户,而是显示以前登录用户的帐户详细信息。此外,当试图在URL中显示用户ID时,这不会显示。以下是注册代码: <?php session_start(); include "php/config/database.php"; if (isset($_POST['submit'])) { $FirstName = $_POST['FirstName']; $Surname

我对编程基本上是新手,我想创建一个注册表单,用户应该在其中自动登录。但是,不会直接指向他们的用户帐户,而是显示以前登录用户的帐户详细信息。此外,当试图在URL中显示用户ID时,这不会显示。以下是注册代码:

<?php
session_start();
include "php/config/database.php";

if (isset($_POST['submit'])) {
    $FirstName  = $_POST['FirstName'];
    $Surname    = $_POST['Surname'];
    $Email      = $_POST['Email'];
    $dbPassword = $_POST['Password'];


    // Check if data exists already in the database
    if (empty($FirstName) || empty($Surname) || empty($Email) || empty($dbPassword)) {
        echo "sorry no rmpty fields";
    }


    $exists  = mysqli_query($conn, "SELECT Email FROM Users WHERE Email = '$Email'");
    $row     = mysqli_fetch_array($exists);
    $dbEmail = $row['Email'];
    if ($Email == $dbEmail) {
        die("Username already taken.");
    } else {
        $sql = "INSERT INTO Users(FirstName,Surname,Email,Password)VALUES('$FirstName','$Surname','$Email','$dbPassword')";
        $sqlUserID  = mysqli_query($conn, "SELECT UserID FROM Users WHERE UserID = '$UserID'");
        $_SESSION['UserID'] = $dbUserID;
        $res = mysqli_query($conn, $sql);
        if (!$res) {
            die("Query Failed!" . mysqli_error($conn));

        } else {
            $query  = mysqli_query($conn, $sql);
            $getRow = mysqli_fetch_array($query);
            $dbUserID = $getRow['UserID'];
            $dbPassword = $getRow['Password'];


            if (mysqli_query($conn, $sql)) {
                $UserID   = $dbUserID;
                header("Location: account?UserID=".$UserID);
            } else {
                echo "Error! There was a problem registering you!";
            }
        }
    }
}
?>
<html>
<head> 
  <meta charset="UTF-8">
    <title>background</title>
 </head>
  <body>

</body>
</html>


背景
以下是登录代码:

 <?php
 session_start();  

    if(isset($_POST['submit'])) {
        include("php/config/database.php"); 
        $Email =$_POST['Email'];
        $dbPassword =$_POST['Password']);
if(empty($Email) || empty($Password))
    {
      echo "sorry no rmpty fields";
    }
    else
    {

        $Email = mysqli_real_escape_string($conn, $Email);
        $dbPassword = mysqli_real_escape_string($conn, $dbPassword);

        $dbPassword = md5($dbPassword);

        $sql = "SELECT * FROM Users WHERE Email='$Email' LIMIT 1";
        $query = mysqli_query($conn, $sql);
        $row = mysqli_fetch_array($query);
        $UserID = $row['UserID'];
        $dbpass = $row['Password'];

        if($dbPassword == $dbpass) {
            $_SESSION['Email'] = $Email;
            $_SESSION['UserID'] = $UserID;
            header("Location: account.php");
        } 
        else 
        {
            echo "You didn't enter the correct details!";
        }

    } 


  }    
?>




<html >
  <head>
    <meta charset="UTF-8">
    <title>background</title>




        <link rel="stylesheet" href="css/style.css">
 <script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>

     <script src="js/index.js"></script>


  </head>

  <body>

<form action="index.php" method="post">
  <div class="box">
    <h1 id="logintoregister">
      Login
    </h1>
    <div class="group show">
      <input class="inputMaterial" type="text" name="FirstName" />
      <label>First Name</label>
    </div>
    <div class="group show">
      <input class="inputMaterial" type="text" name="Surname" />
      <label>Surname</label>
    </div>
    <div class="group">
      <input class="inputMaterial" type="email" name="Email" />
      <label>Email</label>
    </div>
    <div class="group">
      <input class="inputMaterial" type="password" id="password"
      name="Password" /> <label>Password</label>
    </div>
    <div class="group show">
      <input class="inputMaterial" type="password" id=
      "confirm_password" /> <label>Confirm Password</label>
    </div>



    <button id="buttonlogintoregister" type="submit" name="submit">Login</button>
    <p id="plogintoregister">
      By registering, You accept all terms and conditons
    </p>
    <p id="textchange" onclick="register()">
      Sign Up
    </p>
  </div>
</form>


      <!-- Related demos -->




 <script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>

     <script src="js/index.js"></script>







</body>
</html>

这行代码根本没有意义:


$sqlUserID  = mysqli_query($conn, "SELECT UserID FROM Users WHERE UserID = '$UserID'");



  • 您试图选择一个您声称已经拥有的值,那么您选择的是什么呢
    • 

  • 您没有该值,因为从未定义过
    $UserID
    。所以你最多只能这样做:
    

    header("Location: account?UserID=".$UserID);

    

    $sqlUserID=mysqli_查询($conn,“从UserID=''的用户中选择UserID”)
    • 
我想,它不会找到任何记录。因此,假设代码中的任何其他逻辑错误都不会产生运行时中断错误,那么您最多只能这样做:
    

    header("Location: account?UserID=".$UserID);

    
这将被评估为:
    

    "Location: account?UserID="

    

    似乎与你的另一个问题非常接近,我希望你不要打算继续使用这个问题。鉴于SQL注入漏洞,从技术上讲,你允许用户以任何他们想要的方式登录。更重要的是,您在哪里定义了
    $UserID
    ?您正在
    SELECT
    查询中使用它,但从未定义过它。从逻辑上讲,您希望从这个查询中得到什么?:
    “从UserID='$UserID'”的用户中选择UserID