Php、MySql和Webform
我已经花了两天多的时间试图弄明白这一点,我正在学习youtube教程,为我的Android应用程序提供了一个基本的登录,但在我这么做之前,我想测试一下.php脚本Php、MySql和Webform,php,mysql,Php,Mysql,我已经花了两天多的时间试图弄明白这一点,我正在学习youtube教程,为我的Android应用程序提供了一个基本的登录,但在我这么做之前,我想测试一下.php脚本 require("config.inc.php"); if (!empty($_POST)) { //gets user's info based off of a username. $query = "SELECT id, username, passwrd FROM applicatio
require("config.inc.php");
if (!empty($_POST)) {
//gets user's info based off of a username.
$query = "SELECT id, username, passwrd
FROM application_users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try {
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
// For testing, you could use a die and message.
//die("Failed to run query: " . $ex->getMessage());
//or just use this use this one to product JSON data:
$response["success"] = 0;
$response["message"] = "Database Error1. Please Try Again!";
die(json_encode($response));
}
//This will be the variable to determine whether or not the user's information is correct.
//we initialize it as false.
$validated_info = false;
//fetching all the rows from the query
$row = $stmt->fetch();
echo $row;
if ($row) {
//if we encrypted the password, we would unencrypt it here, but in our case we just
//compare the two passwords
if ($_POST['password'] === $row['password']) {
$login_ok = true;
}
}
// If the user logged in successfully, then we send them to the private members-only page
// Otherwise, we display a login failed message and show the login form again
if ($login_ok) {
$response["success"] = 1;
$response["message"] = "Login successful!";
die(json_encode($response));
} else {
$response["success"] = 0;
$response["message"] = "Invalid Credentials!";
die(json_encode($response));
}
} else {
?>
<h1>Login</h1>
<form action="login.php" method="post">
Username:<br />
<input type="text" name="username" placeholder="username" />
<br /><br />
Password:<br />
<input type="password" name="password" placeholder="password" value="" />
<br /><br />
<input type="submit" value="Login" />
</form>
<a href="register.php">Register</a>
</form>
<?php
我想当我按下登录按钮时应该会成功,但我得到的凭据无效,并且我知道用户名和密码是正确的
下面是我的login.php脚本
require("config.inc.php");
if (!empty($_POST)) {
//gets user's info based off of a username.
$query = "SELECT id, username, passwrd
FROM application_users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try {
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
// For testing, you could use a die and message.
//die("Failed to run query: " . $ex->getMessage());
//or just use this use this one to product JSON data:
$response["success"] = 0;
$response["message"] = "Database Error1. Please Try Again!";
die(json_encode($response));
}
//This will be the variable to determine whether or not the user's information is correct.
//we initialize it as false.
$validated_info = false;
//fetching all the rows from the query
$row = $stmt->fetch();
echo $row;
if ($row) {
//if we encrypted the password, we would unencrypt it here, but in our case we just
//compare the two passwords
if ($_POST['password'] === $row['password']) {
$login_ok = true;
}
}
// If the user logged in successfully, then we send them to the private members-only page
// Otherwise, we display a login failed message and show the login form again
if ($login_ok) {
$response["success"] = 1;
$response["message"] = "Login successful!";
die(json_encode($response));
} else {
$response["success"] = 0;
$response["message"] = "Invalid Credentials!";
die(json_encode($response));
}
} else {
?>
<h1>Login</h1>
<form action="login.php" method="post">
Username:<br />
<input type="text" name="username" placeholder="username" />
<br /><br />
Password:<br />
<input type="password" name="password" placeholder="password" value="" />
<br /><br />
<input type="submit" value="Login" />
</form>
<a href="register.php">Register</a>
</form>
<?php
require(“config.inc.php”);
如果(!空($\u POST)){
//根据用户名获取用户信息。
$query=“选择id、用户名、密码”
来自应用程序用户
哪里
用户名=:用户名
";
$query_params=数组(
':username'=>$\u POST['username']
);
试一试{
$stmt=$db->prepare($query);
$result=$stmt->execute($query\u参数);
}
捕获(PDO异常$ex){
//对于测试,可以使用骰子和消息。
//die(“无法运行查询:”..ex->getMessage());
//或者只使用这个来生成JSON数据:
$response[“success”]=0;
$response[“message”]=“数据库错误1。请重试!”;
die(json_编码($response));
}
//这将是确定用户信息是否正确的变量。
//我们将其初始化为false。
$validated_info=false;
//正在从查询中获取所有行
$row=$stmt->fetch();
echo$行;
如果($行){
//如果我们加密了密码,我们会在这里取消加密,但在我们的情况下,我们只是
//比较两个密码
如果($_POST['password']===$row['password'])){
$login\u ok=true;
}
}
//如果用户成功登录,则我们会将其发送到“仅限私人成员”页面
//否则,我们将显示登录失败消息并再次显示登录表单
如果($login\u ok){
$response[“success”]=1;
$response[“message”]=“登录成功!”;
die(json_编码($response));
}否则{
$response[“success”]=0;
$response[“message”]=“无效凭据!”;
die(json_编码($response));
}
}否则{
?>
登录
用户名:
密码:
因此,当加载脚本并从远程MYSQL服务器输入值时,消息会以无效凭据的形式返回。我只想确保登录成功,然后再转到android部分,这本身就是一个很大的任务。我还没有机会用真实的数据库测试它,但这应该会起作用。您必须我必须在文件顶部添加require(“config.inc.php”);
,并且我添加了一个自定义数据库连接。我还使用PDO,因此查询看起来可能与您目前使用的不同
<?php
// Database connection
try
{
$db = new PDO('mysql:host=localhost;dbname=mydatabase', 'myusername', 'mypassword');
$db->exec('SET CHARACTER SET UTF8');
}
catch (Exception $e)
{
//Message in case of error when connecting to the database
die('Erreur : ' . $e->getMessage());
}
// *** End database connection
$username = ""; // Initialize value in order to keep its value so the user can still see it in his form
if (isset($_POST['login'])) { // if the "login" button is pressed
$username = $_POST['username']; // retrieve username value from the form
$password = $_POST['password']; // retrieve password value from the form
/*
* If a username is unique then a way to do it is to count how many times
* the couple with this username and this password appears in our database.
*/
$query = $db->prepare("SELECT COUNT(*) userAmount ".
"FROM application_users ".
"WHERE username = $username ".
"AND password = $password;");
$query->execute();
$query->closeCursor();
$resultAmount = $query->fetch();
if ($resultAmount['userAmount'] == 0){ // If the couple username-password is unfound
$message = "Username or password unknown";
} else {
$message("Login successful");
}
}
?>
<h1>Login</h1>
<form action="login.php" method="post">
Username:<br />
<input type="text" name="username" placeholder="username" value="<?php echo($username); ?>" />
<br/><br/>
Password:<br/>
<input type="password" name="password" placeholder="password" value="" />
<br/><br/>
<input type="submit" name="login" value="Login" />
<a href="register.php">Register</a>
</form>
登录
用户名:
您确定数据是通过post操作发送的吗?是否完成了任何基本调试?var\u dump($\u post)
和var\u dump($row)
将准确显示php从表单和数据库接收到的内容。检查字符串长度、检查字符串内容等。从未真正使用php进行过任何调试,我应该将var_dump语句放在何处。@Barry,我想是这样的,因为我正在学习一个教程,我知道在MYSQL数据库中密码是加密的,但在我的在我使用标准密码的情况下,我进入数据库并创建了另一个密码未加密的用户。您可以在任何地方添加密码,以查看参数中包含的变量。