Fatal编程技术网
  • php/
  • 说错话,但我';我输入的是正确的-PHP

说错话,但我';我输入的是正确的-PHP

php

说错话,但我';我输入的是正确的-PHP,php,Php,我试图通过一个教程来制作登录系统。我把一切都像在教程,但它说我的细节是不正确的,它不会登录我,但一切都是正确的。我找不到代码中有什么错误。欢迎任何帮助 Index.php代码: <?php #admin/index.php #####[make sure you put this code before any html output]##### //connect to server $dbc = mysqli_connect('localhost','

我试图通过一个教程来制作登录系统。我把一切都像在教程,但它说我的细节是不正确的,它不会登录我,但一切都是正确的。我找不到代码中有什么错误。欢迎任何帮助

Index.php代码:

    <?php #admin/index.php 
           #####[make sure you put this code before any html output]#####

//connect to server
$dbc = mysqli_connect('localhost','root','pw') or 
           die('could not connect: '. mysqli_connect_error());

//select db
mysqli_select_db($dbc, 'dbname') or die('no db connection');

//check if the login form has been submitted
if(isset($_POST['go'])){
    #####form submitted, check data...#####

        //step 1a: sanitise and store data into vars (storing encrypted password)
    $usr = mysqli_real_escape_string($dbc, htmlentities($_POST['u_name']));
    $psw = SHA1($_POST['u_pass']) ; //using SHA1() to encrypt passwords  

        //step2: create query to check if username and password match
    $q = "SELECT * FROM kasutaja WHERE name='$usr' AND pass='$psw'  ";

    //step3: run the query and store result
    $res = mysqli_query($dbc, $q);

    //make sure we have a positive result
    if(mysqli_num_rows($res) == 1){
        #########  LOGGING IN  ##########
        //starting a session  
                session_start();

                //creating a log SESSION VARIABLE that will persist through pages   
        $_SESSION['log'] = 'in';

        //redirecting to restricted page
        header('location:restricted.php');
    } else {
                //create an error message   
        $error = 'Wrong details. Please try again'; 
    }
}//end isset go
?> 
<!-- HTML FORM GOES HERE -->

<!-- LOGIN FORM in: admin/index.php -->
<form method="post" action="#">
    <p><label for="u_name">username:</label></p>
    <p><input type="text" name="u_name" value=""></p>

    <p><label for="u_pass">password:</label></p>
    <p><input type="password" name="u_pass" value=""></p>

    <p><button type="submit" name="go">log me in</button></p>
</form>
<!-- A paragraph to display eventual errors -->
<p><strong><?php if(isset($error)){echo $error;}  ?></strong></p> 


用户名:



密码:



让我登录
限制页面代码:

    <?php #admin/restricted.php 
           #####[make sure you put this code before any html output]#####

//starting the session
session_start();

//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
        //if the user is not allowed, display a message and a link to go back to login page
    echo "You are not allowed. <a href="index.php">back to login page</a>";

        //then abort the script
    exit();
}

/**
*      ####  CODE FOR LOG OUT #### click here to see the logout tutorial 
*/

?> 
<!-- RESTRICTED PAGE HTML GOES HERE -->
<h1> TEST </h1>


测验
谢谢你的帮助

此修复程序包含OP从Web下载的错误。难怪这次行动很艰难

它为一件事查询了错误的列,并插入到错误的表中

代码中的另一个错误是这一行:

echo "You are not allowed. <a href="index.php">back to login page</a>";
重写

大多数网站都有一个不允许普通用户访问的私人部分。你可以考虑一个管理部分,网站管理员可以在那里找到他的CMS,一个私人区域,有敏感的个人信息,甚至只是你用来处理电子邮件的电子邮件管理器

所有这些情况都有一个共同点:它们只限制允许用户通过登录系统进行访问

要创建身份验证系统,您需要:

  • 一个数据库,一个名为users的表,至少有三列:id、username、password
  • 用户填写用户名和密码的HTML表单
  • 一个PHP脚本,用于检查提供的用户名和密码是否确实存在
  • 只有成功登录后,用户才能访问私人区域
步骤1。创建一个名为“用户”的表:

a) 使用PhpMyAdmin或任何其他GUI快速创建表

CREATE  TABLE  `users` (
`id` INT( 5 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` VARCHAR( 50 ) NOT NULL ,
`password` VARCHAR( 50 ) NOT NULL
)
b) 插入两个用户:

INSERT  INTO  `users` 
( `id` , `username` , `password` )

VALUES ( NULL , 'john', SHA1('johnPsw' ) ),
       ( NULL ,  'james', SHA1('jamesPsw') ),
( NULL , 'jim', SHA1('jimPsw' ) );
请注意:我们正在使用
SHA1()
函数加密密码

第2步。登录表单:

<!-- LOGIN FORM in: admin/index.php -->
<form method="post" action="">
    <p><label for="u_name">username:</label></p>
    <p><input type="text" name="u_name" value=""></p>

    <p><label for="u_pass">password:</label></p>
    <p><input type="password" name="u_pass" value=""></p>

    <p><button type="submit" name="go">log me in</button></p>
</form>
<!-- A paragraph to display eventual errors -->
<p><strong><?php if(isset($error)){echo $error;}  ?></strong></p> 


用户名:



密码:



让我登录
第3步。php脚本:

<?php #admin/index.php 
           #####[make sure you put this code before any html output]#####

//connect to server
$dbc = mysqli_connect('localhost','root','') or 
           die('could not connect: '. mysqli_connect_error());

//select db
mysqli_select_db($dbc, 'examples') or die('no db connection');

//check if the login form has been submitted
if(isset($_POST['go'])){
    #####form submitted, check data...#####

        //step 1a: sanitise and store data into vars (storing encrypted password)
    $usr = mysqli_real_escape_string($dbc, htmlentities($_POST['u_name']));
    $psw = SHA1($_POST['u_pass']) ; //using SHA1() to encrypt passwords  

        //step2: create query to check if username and password match
    $q = "SELECT * FROM users WHERE username='$usr' AND password='$psw'  ";

    //step3: run the query and store result
    $res = mysqli_query($dbc, $q);

    //make sure we have a positive result
    if(mysqli_num_rows($res) == 1){
        #########  LOGGING IN  ##########
        //starting a session  
                session_start();

                //creating a log SESSION VARIABLE that will persist through pages   
        $_SESSION['log'] = 'in';

        //redirecting to restricted page
        header('location:restricted.php');
    } else {
                //create an error message   
        $error = 'Wrong details. Please try again'; 
    }
}//end isset go
?> 
<!-- HTML FORM GOES HERE -->
第4步。受限页面:

<?php #admin/restricted.php 
           #####[make sure you put this code before any html output]#####

//starting the session
session_start();

//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
        //if the user is not allowed, display a message and a link to go back to login page
    echo "You are not allowed. <a href=\"index.php\">back to login page</a>";

        //then abort the script
    exit();
}


else{

echo "Success!";

}

/**
*      ####  CODE FOR LOG OUT #### click here to see the logout tutorial 
*/

?> 
<!-- RESTRICTED PAGE HTML GOES HERE -->
Hmm现在正在记录,但它表明我是不被允许的。@除数这是某种形式的成功。我贴的东西很管用,所以不管你以后做什么我都无法控制。 
<?php #admin/restricted.php 
           #####[make sure you put this code before any html output]#####

//starting the session
session_start();

//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
        //if the user is not allowed, display a message and a link to go back to login page
    echo "You are not allowed. <a href=\"index.php\">back to login page</a>";

        //then abort the script
    exit();
}


else{

echo "Success!";

}

/**
*      ####  CODE FOR LOG OUT #### click here to see the logout tutorial 
*/

?> 
<!-- RESTRICTED PAGE HTML GOES HERE -->