说错话,但我';我输入的是正确的-PHP
我试图通过一个教程来制作登录系统。我把一切都像在教程,但它说我的细节是不正确的,它不会登录我,但一切都是正确的。我找不到代码中有什么错误。欢迎任何帮助 Index.php代码:说错话,但我';我输入的是正确的-PHP,php,Php,我试图通过一个教程来制作登录系统。我把一切都像在教程,但它说我的细节是不正确的,它不会登录我,但一切都是正确的。我找不到代码中有什么错误。欢迎任何帮助 Index.php代码: <?php #admin/index.php #####[make sure you put this code before any html output]##### //connect to server $dbc = mysqli_connect('localhost','
<?php #admin/index.php
#####[make sure you put this code before any html output]#####
//connect to server
$dbc = mysqli_connect('localhost','root','pw') or
die('could not connect: '. mysqli_connect_error());
//select db
mysqli_select_db($dbc, 'dbname') or die('no db connection');
//check if the login form has been submitted
if(isset($_POST['go'])){
#####form submitted, check data...#####
//step 1a: sanitise and store data into vars (storing encrypted password)
$usr = mysqli_real_escape_string($dbc, htmlentities($_POST['u_name']));
$psw = SHA1($_POST['u_pass']) ; //using SHA1() to encrypt passwords
//step2: create query to check if username and password match
$q = "SELECT * FROM kasutaja WHERE name='$usr' AND pass='$psw' ";
//step3: run the query and store result
$res = mysqli_query($dbc, $q);
//make sure we have a positive result
if(mysqli_num_rows($res) == 1){
######### LOGGING IN ##########
//starting a session
session_start();
//creating a log SESSION VARIABLE that will persist through pages
$_SESSION['log'] = 'in';
//redirecting to restricted page
header('location:restricted.php');
} else {
//create an error message
$error = 'Wrong details. Please try again';
}
}//end isset go
?>
<!-- HTML FORM GOES HERE -->
<!-- LOGIN FORM in: admin/index.php -->
<form method="post" action="#">
<p><label for="u_name">username:</label></p>
<p><input type="text" name="u_name" value=""></p>
<p><label for="u_pass">password:</label></p>
<p><input type="password" name="u_pass" value=""></p>
<p><button type="submit" name="go">log me in</button></p>
</form>
<!-- A paragraph to display eventual errors -->
<p><strong><?php if(isset($error)){echo $error;} ?></strong></p>
用户名:
密码:
让我登录
限制页面代码:
<?php #admin/restricted.php
#####[make sure you put this code before any html output]#####
//starting the session
session_start();
//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
//if the user is not allowed, display a message and a link to go back to login page
echo "You are not allowed. <a href="index.php">back to login page</a>";
//then abort the script
exit();
}
/**
* #### CODE FOR LOG OUT #### click here to see the logout tutorial
*/
?>
<!-- RESTRICTED PAGE HTML GOES HERE -->
<h1> TEST </h1>
测验
谢谢你的帮助 此修复程序包含OP从Web下载的错误。难怪这次行动很艰难
它为一件事查询了错误的列,并插入到错误的表中
代码中的另一个错误是这一行:
echo "You are not allowed. <a href="index.php">back to login page</a>";
重写 大多数网站都有一个不允许普通用户访问的私人部分。你可以考虑一个管理部分,网站管理员可以在那里找到他的CMS,一个私人区域,有敏感的个人信息,甚至只是你用来处理电子邮件的电子邮件管理器 所有这些情况都有一个共同点:它们只限制允许用户通过登录系统进行访问 要创建身份验证系统,您需要:
- 一个数据库,一个名为users的表,至少有三列:id、username、password
- 用户填写用户名和密码的HTML表单
- 一个PHP脚本,用于检查提供的用户名和密码是否确实存在
- 只有成功登录后,用户才能访问私人区域
CREATE TABLE `users` (
`id` INT( 5 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` VARCHAR( 50 ) NOT NULL ,
`password` VARCHAR( 50 ) NOT NULL
)
b) 插入两个用户:
INSERT INTO `users`
( `id` , `username` , `password` )
VALUES ( NULL , 'john', SHA1('johnPsw' ) ),
( NULL , 'james', SHA1('jamesPsw') ),
( NULL , 'jim', SHA1('jimPsw' ) );
请注意:我们正在使用SHA1()
函数加密密码
第2步。登录表单:
<!-- LOGIN FORM in: admin/index.php -->
<form method="post" action="">
<p><label for="u_name">username:</label></p>
<p><input type="text" name="u_name" value=""></p>
<p><label for="u_pass">password:</label></p>
<p><input type="password" name="u_pass" value=""></p>
<p><button type="submit" name="go">log me in</button></p>
</form>
<!-- A paragraph to display eventual errors -->
<p><strong><?php if(isset($error)){echo $error;} ?></strong></p>
用户名:
密码:
让我登录
第3步。php脚本:
<?php #admin/index.php
#####[make sure you put this code before any html output]#####
//connect to server
$dbc = mysqli_connect('localhost','root','') or
die('could not connect: '. mysqli_connect_error());
//select db
mysqli_select_db($dbc, 'examples') or die('no db connection');
//check if the login form has been submitted
if(isset($_POST['go'])){
#####form submitted, check data...#####
//step 1a: sanitise and store data into vars (storing encrypted password)
$usr = mysqli_real_escape_string($dbc, htmlentities($_POST['u_name']));
$psw = SHA1($_POST['u_pass']) ; //using SHA1() to encrypt passwords
//step2: create query to check if username and password match
$q = "SELECT * FROM users WHERE username='$usr' AND password='$psw' ";
//step3: run the query and store result
$res = mysqli_query($dbc, $q);
//make sure we have a positive result
if(mysqli_num_rows($res) == 1){
######### LOGGING IN ##########
//starting a session
session_start();
//creating a log SESSION VARIABLE that will persist through pages
$_SESSION['log'] = 'in';
//redirecting to restricted page
header('location:restricted.php');
} else {
//create an error message
$error = 'Wrong details. Please try again';
}
}//end isset go
?>
<!-- HTML FORM GOES HERE -->
第4步。受限页面:
<?php #admin/restricted.php
#####[make sure you put this code before any html output]#####
//starting the session
session_start();
//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
//if the user is not allowed, display a message and a link to go back to login page
echo "You are not allowed. <a href=\"index.php\">back to login page</a>";
//then abort the script
exit();
}
else{
echo "Success!";
}
/**
* #### CODE FOR LOG OUT #### click here to see the logout tutorial
*/
?>
<!-- RESTRICTED PAGE HTML GOES HERE -->
Hmm现在正在记录,但它表明我是不被允许的。@除数这是某种形式的成功。我贴的东西很管用,所以不管你以后做什么我都无法控制。
<?php #admin/restricted.php
#####[make sure you put this code before any html output]#####
//starting the session
session_start();
//checking if a log SESSION VARIABLE has been set
if( !isset($_SESSION['log']) || ($_SESSION['log'] != 'in') ){
//if the user is not allowed, display a message and a link to go back to login page
echo "You are not allowed. <a href=\"index.php\">back to login page</a>";
//then abort the script
exit();
}
else{
echo "Success!";
}
/**
* #### CODE FOR LOG OUT #### click here to see the logout tutorial
*/
?>
<!-- RESTRICTED PAGE HTML GOES HERE -->