Fatal编程技术网
  • php/
  • Php 验证登录/注册用户PDO

Php 验证登录/注册用户PDO

php validation

Php 验证登录/注册用户PDO,php,validation,pdo,Php,Validation,Pdo,我刚开始使用PDO,我的代码有问题。我知道了如何将用户信息插入数据库,但我不知道如何使用相同的注册信息登录。任何建议都很好 登记表 <?php session_start(); $dbh=new PDO("mysql:host=localhost;dbname=csci409_starter","root","root"); $fields = array( 'first_name'=>'First Name', 'last_name'=>'Last N

我刚开始使用PDO,我的代码有问题。我知道了如何将用户信息插入数据库,但我不知道如何使用相同的注册信息登录。任何建议都很好

登记表

    <?php
session_start();
$dbh=new PDO("mysql:host=localhost;dbname=csci409_starter","root","root");
$fields = array(
    'first_name'=>'First Name',
    'last_name'=>'Last Name',
    'email'=>'Email',
    'password'=>'Password',

);

//If the form has been submitted, validate it.
if(isset($_POST['submit'])){

//Create an array to hold the values we want to insert.
$values = array();

//For each of the fields we want, check if the field was posted, and if so trim it and use it. Otherwise use NULL.
foreach($fields AS $field=>$label){
//This line is using the ternary operator, it's basically a shorthand if/else assignment.
$values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : NULL;
}
$errors = array();
/*First and Last Names are required. strlen will return the string's length */
if(!isset($values['first_name']) || !strlen($values['first_name'])){
$errors['first_name'] = 'Please Enter a First Name';
}
if(!isset($values['last_name']) || !strlen($values['last_name'])){
$errors['last_name'] = 'Please Enter a Last Name';
}


//If there are any errors, display the form again. Otherwise, insert the data
if(!count($errors)){
$sql = "INSERT INTO  googlereaderreplacement.users (first_name, last_name, email, password)
VALUES (?, ?, ?, ?)";
$stmt = $dbh->prepare($sql);
/* array_values() will pull just the array's values, without the string keys.
The positional placeholder requires a numeric key. */
$result = $stmt->execute(array_values($values));
}
}
?>

<style>
    label{
        display: block;
        margin: 5px 0;
    }

    .error{
        font-weight: bold;
        color: #BB0000;
    }
</style>

<?php
//If the form was submitted and an insert was attempted, display a message.
if(isset($result)){
    if($result){
        echo '<b>Successfully Inserted!</b>';
    }else{
        echo '<b>Unable to Insert</b>';
        print '<pre>'.print_r($stmt->errorInfo(), true);
    }
}
?>

<h1>Insert Contact</h1>
<form action="register.php" method="post">

    First Name: <input type="input" name="first_name" id="first_name" value="" />
    <br/>
    Last Name: <input type="input" name="last_name" id="last_name" value="" />
    <br/>
    Email (Username): <input type="text" name="email" id="email" value="" />
    <br />
    Password: <input type="password" name="password" id="password" value="" />
    <br />
    Confirm Password: <input type="password" name="password2" id="password2" value="" />
    <br />
    <input type="submit" value="Register" name="submit" id="submit" />

</form>

<form action="index.php">
    <input type="submit" value="Return to Main page">
</form>

以上所有内容都是要检索的服务器端代码等,您需要将数据(电子邮件和密码)发布到登录页面。因此,创建一个html表单,其中包含两个输入,一个用于电子邮件,另一个用于密码。您缺少登录表单。我添加了一个表单来登录,它位于底部代码中

<?php
session_start();

if(isset($_SESSION['name'])){
    echo 'Welcome back '.$_SESSION['name'], '<a href="logout.php">Logout</a>';
} else {
    echo '<a href="login.php">Login</a><br />
    <a href="register.php">Register</a>';
}
?>



<?php
session_start();
$error = NULL;

// form login logic here
if(isset($_POST['submit']))
{
    $valid = TRUE;

    // form validation goes here


    // assumed valid
    if($valid)
    {
        $safe_email = mysql_real_escape_string($_POST['email']);
        $safe_password = sha1($_POST['password']);

        $sql = "SELECT id, created, first_name, last_name, email, level FROM users WHERE email = '$safe_email' AND password = '$safe_password'";
//        echo $sql;

        require_once "_db_connect.php";
        $results = mysql_query($sql, $db);

        $row = mysql_fetch_assoc($results);
//        echo '<pre>';
//        print_r($row);
//        echo '</pre>';
        $_SESSION['first_name'] = $_SESSION['name'] = $row['first_name'];
        $_SESSION['email'] = $row['email'];
        $_SESSION['level'] = $row['level'];
        $_SESSION['id'] = $row['id'];
        header("Location: index.php");
    }
}


// look for messages
if(isset($_GET['msg']))
{
    switch($_GET['msg'])
    {
        case 1:
            echo '<h2>Please login below!</h2>';
            break;
    }
}






$title = "Login";
$h1 = "Login Below";

?>

<!-- content -->
<form action="login.php" method="post">
    <?php
    echo $error;
    ?>
    Email (Username): <input type="text" name="email" id="email" value="" />
    <br />
    Password: <input type="password" name="password" id="password" value="" />
    <br />
    <input type="submit" value="Login" name="submit" id="submit" />

</form>