php,登录脚本
我是php新手,我正在尝试编写一个注册脚本。我的问题是,当我尝试登录时,我看不到用户的菜单。也许问题在于会话和cookies,但我找不到它。以下是我的部分代码: config.phpphp,登录脚本,php,Php,我是php新手,我正在尝试编写一个注册脚本。我的问题是,当我尝试登录时,我看不到用户的菜单。也许问题在于会话和cookies,但我找不到它。以下是我的部分代码: config.php <?php oB_start(); $con = mysql_connect("localhost","root","123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db
<?php
oB_start();
$con = mysql_connect("localhost","root","123");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("9gag", $con);
$logged = MYSQL_QUERY("SELECT * from users WHERE id='$_COOKIE[id]' AND password = '$_COOKIE[password]'");
$logged = mysql_fetch_array($logged);
?>
<?php
$con = mysql_connect("localhost","root","123");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("9gag", $con);
?>
第二个文件中的变量$logged为空,因此$logged将始终为true,第一部分将始终执行:)使用第二个文件中的cookie查看它是否已被记录有人已经说过如何使用会话更改COOCKIE,我不太了解您的表/列布局,但我已尝试改进您的代码,因此请尝试以下内容:)
config.php
<?php
oB_start();
$con = mysql_connect("localhost","root","123");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("9gag", $con);
$logged = MYSQL_QUERY("SELECT * from users WHERE id='$_COOKIE[id]' AND password = '$_COOKIE[password]'");
$logged = mysql_fetch_array($logged);
?>
<?php
$con = mysql_connect("localhost","root","123");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("9gag", $con);
?>
login.php
<?php
oB_start();
include("config.php");
if (!$logged[username]) {
if (!$_POST[login]) {
echo("<center><form method=\"POST\">
<table>
<tr>
<td align=\"right\">
User: <input type=\"text\" size=\"15\" maxlength=\"25\" name=\"username\">
</td>
</tr>
<tr>
<td align=\"right\">
Password: <input type=\"password\" size=\"15\" maxlength=\"25\" name=\"password\">
</td></tr><tr>
<td align=\"center\">
<input type=\"submit\" name=\"login\" value=\"Sign in\">
</td></tr><tr>
<td align=\"center\">
<a href=\"register.php\">Sign up</a>
</td></tr></table></form></center>");
}
if ($_POST[login]) {
$username = $_POST[username];
$password = $_POST[password];
$info = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());
$data = mysql_fetch_array($info);
if($data['PASSWORD'] != $password) {
echo "Wrong username or password!";
}else{
$query = mysql_query("SELECT * FROM users WHERE username = '$username'") or die(mysql_error());
$user = mysql_fetch_array($query);
setcookie("id", $user['ID'],time()+(60*60*24*5), "/", "");
setcookie("password", $user['PASSWORD'],time()+(60*60*24*5), "/", "");
}
}
}
else {
echo ("<center>Welcome <b>$logged[username]</b><br /></center>
<a href=\"editprofile.php\">Profile</a><br />
<a href=\"logout.php\">Log out</a>");
}
?>
<?php
session_start();
ob_start();
include("config.php");
if (!Isset($_SESSION['id'])) {
if (!$_POST['login']) {
echo '<center><form method="POST">
<table>
<tr>
<td align="right">
User: <input type="text" size="15" maxlength="25" name="username">
</td>
</tr>
<tr>
<td align="right">
Password: <input type="password" size="15" maxlength="25" name="password">
</td></tr><tr>
<td align="center">
<input type="submit" name="login" value="Sign in">
</td></tr><tr>
<td align="center">
<a href="register.php">Sign up</a>
</td></tr></table></form></center>';
}
if ($_POST[login]) {
$username = $_POST['username'];
$password = $_POST['password'];
$info = mysql_query("SELECT * FROM users WHERE username = '".$username."'") or die(mysql_error());
$data = mysql_fetch_array($info);
if($data['password'] != $password) {
echo "Wrong username or password!";
}else{
$query = mysql_query("SELECT * FROM users WHERE username = '".$username."'") or die(mysql_error());
$user = mysql_fetch_array($query);
$_SESSION['username']=$user['username'];
$_SESSION['id']=$user['id'];
$_SESSION['password']=$user['password'];
}
}
}
else {
echo "<center>Welcome <b>".$_SESSION['username']."</b><br /></center>
<a href='editprofile.php'>Profile</a><br />
<a href='logout.php'>Log out</a>";
}
?>
登录时不要使用cookies。它们不安全。您应该使用会话变量。尝试打印($logged)
,它可以帮助您找到问题,我的意思是-它可以是查询…有很多地方需要开始。。。抽搐。。。在注入之间,对数组键使用常量,巨大的html回音,甚至仅仅是
标记…还有<代码>mysql\u选择\u数据库(“9gag”,$con)代码>9gag?我不知道写9gag:D是关于巨大的html,我同意。。我尝试了print\u r方法,但问题不在于int查询。实际上,因为他正在调用include(“config.php”)
,$logged
包含mysql\u fetch\u数组调用的结果;通过检查是否存在username
键,他可以有效地查看结果是否有任何行,这表明用户是否登录。