Php 无法使登录页面正常工作
我有一个php页面,它会自动发布,然后检查是否需要登录。我遇到的问题是,如果它登录。。。然后它仍然显示用户名和密码文本框。。但是,如果我刷新它们,它们就会消失,而现在,多亏了这次会议,欢迎的事情就出现了 我想要的是,一旦点击提交,它会让用户登录,立即不显示文本框(用户名、密码)并显示欢迎信息。现在我必须刷新一下 请注意,我是新的PHP和任何明智的建议将不胜感激Php 无法使登录页面正常工作,php,mysql,Php,Mysql,我有一个php页面,它会自动发布,然后检查是否需要登录。我遇到的问题是,如果它登录。。。然后它仍然显示用户名和密码文本框。。但是,如果我刷新它们,它们就会消失,而现在,多亏了这次会议,欢迎的事情就出现了 我想要的是,一旦点击提交,它会让用户登录,立即不显示文本框(用户名、密码)并显示欢迎信息。现在我必须刷新一下 请注意,我是新的PHP和任何明智的建议将不胜感激 <?php echo "<form method=\"post\" action=\"index
<?php
echo "<form method=\"post\" action=\"index.php?form_type=$page_vals\">";
echo "<body>";
//Start session
session_start();
//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
extract($_POST);
$username = "";
$password = "";
$userrole = "";
$userid ="";
$login_query = "SELECT user_id, user_role, user_username FROM users WHERE user_username = '$_POST[logInUsername]' AND user_password = '$_POST[logInPassword]'";
if(!($database = mysql_connect("localhost","root","")))
die("<p>Could not connect to database</p></div></div>
</body>
</html>");
if(!mysql_select_db("mydatabase", $database))
die("<p>Could not open my databases database</p></div>
</div>
</body>
</html>");
if(!($result = mysql_query($login_query, $database)))
{
print("Could not execute query!<br/>");
die(mysql_error()."</div>
</div>
</body>
</html>");
}
if (mysql_num_rows($result) == 0) {
print("Please verify your login information<br/>");
}
while ($row = mysql_fetch_assoc($result)) {
$username = $row["user_username"];
$userrole = $row["user_role"];
$userid = $row["user_id"];
}
echo "Hello - '$username'";
mysql_close($database);
session_regenerate_id();
$_SESSION['SESS_MEMBER_ID'] = $userid;
$_SESSION['SESS_NAME'] = $username;
//Write session to disc
session_write_close();
echo '<div id="login" class="login">
<label for="login">User Name</label>
<input type="text" name="logInUsername" />
<label for="Password">Password</label>
<input type="password" name="logInPassword" />
<input type="submit" value="Submit" class="button" />
</div>';
}
else
{
$sessionName = $_SESSION['SESS_NAME'];
echo '<div id="login" class="login">
<label for="welcome">Welcome '. $sessionName.'!</label>
</div>';
}
?>
所以,不要处理这里的任何安全或样式问题 现在,您将看到会话是否已设置。如果不是,则处理登录。处理登录后,将显示表单字段 你应该检查3个州 有人已经登录了吗? 您需要处理登录吗? 如果两者都不是,则显示正常形式 您可以通过使用会话字段的现有isset来实现这一点 如果未设置,请检查是否设置了post字段。。。如果已设置,则处理登录 否则,显示基本登录表单 编辑: 完整代码示例(很抱歉格式太糟糕,主要是剪切和粘贴…:
<?php
echo "<form method=\"post\" action=\"index.php?form_type=$page_vals\">";
echo "<body>";
//Start session
session_start();
//Check whether the session variable SESS_MEMBER_ID is present or not
if(isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) != '')) {
$sessionName = $_SESSION['SESS_NAME'];
echo '<div id="login" class="login">
<label for="welcome">Welcome '. $sessionName.'!</label>
</div>';
}
else if ($_POST[logInPassword] != null && $_POST[logInUsername] != null)
{
extract($_POST);
$username = "";
$password = "";
$userrole = "";
$userid ="";
$login_query = "SELECT user_id, user_role, user_username FROM users WHERE user_username = '$_POST[logInUsername]' AND user_password = '$_POST[logInPassword]'";
if(!($database = mysql_connect("localhost","root","")))
die("<p>Could not connect to database</p></div></div>
</body>
</html>");
if(!mysql_select_db("mydatabase", $database))
die("<p>Could not open my databases database</p></div>
</div>
</body>
</html>");
if(!($result = mysql_query($login_query, $database)))
{
print("Could not execute query!<br/>");
die(mysql_error()."</div>
</div>
</body>
</html>");
}
if (mysql_num_rows($result) == 0) {
print("Please verify your login information<br/>");
}
while ($row = mysql_fetch_assoc($result)) {
$username = $row["user_username"];
$userrole = $row["user_role"];
$userid = $row["user_id"];
}
echo "Hello - '$username'";
mysql_close($database);
session_regenerate_id();
$_SESSION['SESS_MEMBER_ID'] = $userid;
$_SESSION['SESS_NAME'] = $username;
//Write session to disc
session_write_close();
$sessionName = $_SESSION['SESS_NAME'];
echo '<div id="login" class="login">
<label for="welcome">Welcome '. $sessionName.'!</label>
</div>';
}
else
{
echo '<div id="login" class="login">
<label for="login">User Name</label>
<input type="text" name="logInUsername" />
<label for="Password">Password</label>
<input type="password" name="logInPassword" />
<input type="submit" value="Submit" class="button" />
</div>';
}
?>
祝你好运!你的逻辑需要重新思考一下。像这样的东西怎么样?(psedoocode)
这里的问题是你们的代码并没有按顺序排列。我已经改正了,现在试试看
<?php
session_start();
echo "<body>";
//Start session
//print_r($_SESSION);exit;
//Check whether the session variable SESS_MEMBER_ID is present or not
extract($_POST);
$username = "";
$password = "";
$userrole = "";
$userid ="";
if(isset($_POST))
{
$login_query = "SELECT reg_id, role_id, f_name FROM registration WHERE f_name = '$_POST[logInUsername]' AND password = '$_POST[logInPassword]'";
if(!($database = mysql_connect("sunlinux","pukhraj","pukhraj123")))
die("<p>Could not connect to database</p></div></div>
</body>
</html>");
if(!mysql_select_db("testbaj", $database))
die("<p>Could not open my databases database</p></div>
</div>
</body>
</html>");
if(!($result = mysql_query($login_query, $database)))
{
print("Could not execute query!<br/>");
die(mysql_error()."</div>
</div>
</body>
</html>");
}
if (mysql_num_rows($result) == 0) {
print("Please verify your login information<br/>");
}
while ($row = mysql_fetch_assoc($result)) {
$username = $row["f_name"];
$userrole = $row["role"];
$userid = $row["reg_id"];
}
$_SESSION['SESS_MEMBER_ID'] = $userid;
$_SESSION['SESS_NAME'] = $username;
}
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
echo "Hello - '$username'";
mysql_close($database);
session_regenerate_id();
//Write session to disc
session_write_close();
echo "<form method=\"post\" ><div id=\"login\" class=\"login\">
<label for=\"login\">User Name</label>
<input type=\"text\" name=\"logInUsername\" />
<label for=\"Password\">Password</label>
<input type=\"password\" name=\"logInPassword\" />
<input type=\"submit\" value=\"Submit\" class=\"button\" />
</div>";
}
else
{
$sessionName = $_SESSION['SESS_NAME'];
echo "<div id=\"login\" class=\"login\">
<label for=\"welcome\">Welcome '$sessionName' !</label>
</div>";
}
?>
永远不要使用会话变量进行用户身份验证。您可以使用页面范围,但这不是推荐的做法。好的,谢谢您的建议。但是忽略这个事实,我如何解决我的问题。我只想在采用最佳做法之前先解决这个问题。谢谢您请使用单引号(echo';
)或者跳出PHP来回显HTML的大部分内容(?>很抱歉,您的逻辑完全搞错了。代码中没有错误(除了它是实现所有这一切的一种糟糕的方式,并且它对SQL注入和所有这些都是开放的),但您只是在某人登录后输出表单。太好了,如果我需要显示“仅当他们尝试(单击“提交”后)未登录时,请验证您的登录信息?”如何。现在,该消息从一开始就显示..已完成。根据更新的答案进行2次更改(最后一次)非常感谢你的帮助
<?php
session_start();
echo "<body>";
//Start session
//print_r($_SESSION);exit;
//Check whether the session variable SESS_MEMBER_ID is present or not
extract($_POST);
$username = "";
$password = "";
$userrole = "";
$userid ="";
if(isset($_POST))
{
$login_query = "SELECT reg_id, role_id, f_name FROM registration WHERE f_name = '$_POST[logInUsername]' AND password = '$_POST[logInPassword]'";
if(!($database = mysql_connect("sunlinux","pukhraj","pukhraj123")))
die("<p>Could not connect to database</p></div></div>
</body>
</html>");
if(!mysql_select_db("testbaj", $database))
die("<p>Could not open my databases database</p></div>
</div>
</body>
</html>");
if(!($result = mysql_query($login_query, $database)))
{
print("Could not execute query!<br/>");
die(mysql_error()."</div>
</div>
</body>
</html>");
}
if (mysql_num_rows($result) == 0) {
print("Please verify your login information<br/>");
}
while ($row = mysql_fetch_assoc($result)) {
$username = $row["f_name"];
$userrole = $row["role"];
$userid = $row["reg_id"];
}
$_SESSION['SESS_MEMBER_ID'] = $userid;
$_SESSION['SESS_NAME'] = $username;
}
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
echo "Hello - '$username'";
mysql_close($database);
session_regenerate_id();
//Write session to disc
session_write_close();
echo "<form method=\"post\" ><div id=\"login\" class=\"login\">
<label for=\"login\">User Name</label>
<input type=\"text\" name=\"logInUsername\" />
<label for=\"Password\">Password</label>
<input type=\"password\" name=\"logInPassword\" />
<input type=\"submit\" value=\"Submit\" class=\"button\" />
</div>";
}
else
{
$sessionName = $_SESSION['SESS_NAME'];
echo "<div id=\"login\" class=\"login\">
<label for=\"welcome\">Welcome '$sessionName' !</label>
</div>";
}
?>