注意:第23行C:\xampp\htdocs\logmein\login.php中的未定义索引:userid
我花了几分钟的时间,但我不能找出这个简单的错误。这是我的index.php注意:第23行C:\xampp\htdocs\logmein\login.php中的未定义索引:userid,php,session,Php,Session,我花了几分钟的时间,但我不能找出这个简单的错误。这是我的index.php <?php session_start(); //error_reporting(0); require_once('conn.php'); unset($_SESSION['userid']); unset($_SESSION['username']); ?> <html> <head><title>Log-In Page</title></head&g
<?php
session_start();
//error_reporting(0);
require_once('conn.php');
unset($_SESSION['userid']);
unset($_SESSION['username']);
?>
<html>
<head><title>Log-In Page</title></head>
<body>
<form action="login.php" method="post">
Username: <input type="text" name="username" /><br/>
Password: <input type="password" name="password"/><br/>
<input type="submit" value="Log In"/>
</form>
<?php
if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
foreach($_SESSION['ERRMSG_ARR'] as $msg) {
echo '<font color="#FF0000">',$msg,'</font>';
}
unset($_SESSION['ERRMSG_ARR']);
}
?>
<br/>
<p>Not Yet Registered?Click <a href="regform.php">here</a>.</p>
</body>
</html>
<?php
//error_reporting(0);//hide php error
session_start();
$con = mysql_connect("localhost","root","");//host connection
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dblogin", $con);//select dbname
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//variables
$userid= clean($_POST['userid']);
$username=clean(strtolower($_POST['username']));//transform username input into lower keys
$password= clean($_POST['password']);
date_default_timezone_set('Asia/Kuala_Lumpur');//time may varies
$datenow= date("Y/m/d H:i:s");//returns current date and time
$query=mysql_query("select *from itinerary_person where username='$username'");
$row=mysql_num_rows($query);//count row
//check if user exist
if ($row == 1){
$user = mysql_fetch_assoc($query);//fetch the related result from the query
require('blowfish.class.php');
$bcrypt = new Bcrypt(4);
if ($bcrypt->verify($_POST['password'], $user['password'])) {
session_regenerate_id();
$_SESSION['userid']= $user['userid'];
$_SESSION['username']= $user['username'];
session_write_close();
$filename=$_SESSION['username'];
$myFile = "logs/$filename.txt";
$fh = fopen($myFile, 'a') or die("can't open file");//save user's log in time and date
$stringData ="\r\n". $username .' logged in at '. $datenow;//new line
fwrite($fh, $stringData);
fclose($fh);
header("location:welcome.php");//redirect page if successful
}
}
else{
//redirect to index page if user not exist
//Login failed
$errmsg_arr[] = 'Invalid input';
$errflag = true;
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location:index.php");
exit();
}
}
?>
我知道,如果表单上没有名称值,也会发生此错误。但在这种情况下,我不知道。请从代码中删除以下行,因为它没有意义:
$userid = clean($_POST['userid']);
session_regenerate_id();
$_SESSION['userid']= $user['userid'];
$userid = clean($_SESSION['userid']); /* THIS LINE */
$_SESSION['username']= $user['username'];
session_write_close();
$\u POST['userid']不存在login.php:23,正如您的错误所示。可能是因为您没有发布该值。查看您的“网络”选项卡,了解您实际发布或输出的print\r$\u POST值。您的表单上没有用户名。您必须在接受值之前验证表单。i、 e.1。验证$\u POST中使用的所有字段是否与表单2中定义的字段相同。通过使用以下代码ifisset$_POST['userid']{//your code here}3验证它们是否为空。始终检查表单方法是否为$\u POST希望此帮助我尝试过。它不会返回错误,但不会重定向到welcome.php页面。您确定您的代码通过了bcrypt验证if语句吗?这可能是你的问题,我的解决方案很有效。添加一个else并在屏幕上写一些东西,看看它是否达到if语句。好的,谢谢,我发现它没有获得密码或者它不匹配。