Php 如何修复我的管理员登录代码
我想知道是否有人知道我的php代码有什么问题,以及我如何修复它。每次我尝试查看它是否有效,它只是告诉我信息不正确,请单击此处重试,但问题是我没有输入用户名或密码。它直接告诉我信息是错误的,然后再试一次。有人能帮我告诉我我的代码有什么问题吗Php 如何修复我的管理员登录代码,php,authentication,login,Php,Authentication,Login,我想知道是否有人知道我的php代码有什么问题,以及我如何修复它。每次我尝试查看它是否有效,它只是告诉我信息不正确,请单击此处重试,但问题是我没有输入用户名或密码。它直接告诉我信息是错误的,然后再试一次。有人能帮我告诉我我的代码有什么问题吗 <?php session_start(); if (isset($_SESSION["manager"])) { header("location: index.php"); exit();
<?php
session_start();
if (isset($_SESSION["manager"])) {
header("location: index.php");
exit();
}
?>
<?php
// Parse the log in form if the user has filled it out and pressed "Log In"
if (isset($_POST["username"]) && isset($_POST["password"])) {
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]); // filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]); // filter everything but numbers and letters
// Connect to the MySQL database
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person
// ------- MAKE SURE PERSON EXISTS IN DATABASE ---------
if(mysql_num_rows($sql) >0); // count the row nums
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location: index.php");
exit();
} else {
echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
exit();
}
?>
您需要将if和else条件设置在正确的位置 试试这个
<?php
session_start();
if (isset($_SESSION["manager"])) {
header("location: index.php");
exit();
}
// Parse the log in form if the user has filled it out and pressed "Log In"
if (isset($_POST["username"]) && isset($_POST["password"])) {
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]); // filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]); // filter everything but numbers and letters
// Connect to the MySQL database
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person
// ------- MAKE SURE PERSON EXISTS IN DATABASE ---------
if(mysql_num_rows($sql) >0); // count the row nums
while($row = mysql_fetch_array($sql)){
$_SESSION["id"] = $row["id"];
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location: index.php");
exit();
}
}else{
echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
exit;
}
失败的是这一行代码:
if (isset($_POST["username"]) && isset($_POST["password"]))
您需要编写发布用户名和密码的HTML代码
另外,您可能打算将else条件放在SQL查询之后,如下所示:
<?php
session_start();
if (isset($_SESSION["manager"])) {
header("location: index.php");
exit();
}
?>
<?php
// Parse the log in form if the user has filled it out and pressed "Log In"
if (isset($_POST["username"]) && isset($_POST["password"])) {
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["username"]); // filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password"]); // filter everything but numbers and letters
// Connect to the MySQL database
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1"); // query the person
// ------- MAKE SURE PERSON EXISTS IN DATABASE ---------
if(mysql_num_rows($sql) >0){ // count the row nums
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location: index.php");
}
exit();
}else{
echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
}
}
exit();
?>
…然后通过函数运行所有用户输入数据,如下所示:
$errors = array();
if (!empty($_POST['username'])) {//handle the user name input
$user_name = clean_input($_POST['user_name']);
} else {//user_name not entered
$errors[] = 'You forgot to enter a user name';
}
if (!empty($_POST['password'])) {//handle the password input
$user_id = '';
$password = clean_input($_POST['password']);
$q = "SELECT id FROM admin WHERE username='$manager' AND password='$password' LIMIT 1";
$r = mysql_query($q);
while ($row = @mysql_fetch_array($r)) {
$id = $row["id"];
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
}
} else {//password not entered
$errors[] = 'You forgot to enter a password';
}
if(!empty($errors)){
echo '<h3 class="error">Error!</h3>
<p class="error">The following error(s) occurred:<br/>';
foreach($errors as $msg){
echo " - $msg<br/>\n";
}
echo '</p><p class="error">Please try again.</p>';
}else{
header("location: index.php");
}
因此,我假设您的代码名为login.php。所以不要用这个代码
else {
echo 'That information is incorrect, try again <a href="index.php">Click Here</a>';
exit();
}
实际上,您希望在这里返回html表单
else {
echo '<form class="login-form"> .........';
exit();
}
没问题……很高兴我能help@user3200510如果我的建议有效并且有帮助的话,你能接受我的回答吗。。。谢谢
else {
echo '<form class="login-form"> .........';
exit();
}