php pdo登录失败
我已经学习了一个简单的php登录和注册脚本的在线教程,但是当我尝试登录失败时,出现了错误消息“登录失败。请重试,或注册”。注册页面的工作原理是在数据库中创建一个新条目,但它也不会重定向到给定的重定向页面。代码如下: class.user.php(配置文件中只包含一次)php pdo登录失败,php,mysql,pdo,passwords,Php,Mysql,Pdo,Passwords,我已经学习了一个简单的php登录和注册脚本的在线教程,但是当我尝试登录失败时,出现了错误消息“登录失败。请重试,或注册”。注册页面的工作原理是在数据库中创建一个新条目,但它也不会重定向到给定的重定向页面。代码如下: class.user.php(配置文件中只包含一次) login.php <?php $page_title = "Love Deals Login"; require('inc/connect/config.php'); include('inc/header.php')
login.php
<?php
$page_title = "Love Deals Login";
require('inc/connect/config.php');
include('inc/header.php');
if($user->is_loggedin()!="") {
$user->redirect('home.php');
}
if(isset($_POST['login'])) {
$uname = $_POST['txt_uname'];
$upass = $_POST['txt_upass'];
if($user->login($uname,$upass)) {
$user->redirect('home.php');
} else {
$error = "Login failed. Please try again, or register";
}
}
?>
<div class="container" style="padding: 100px 0 0 0;">
<div class="form-container">
<form method="post" id="login">
<h3>Please login</h3>
<?php if(isset($error)) {
?>
<div class="alert alert-danger">
<i class="glyphicon glyphicon-warning-sign"></i> <?php echo $error; ?>
</div>
<?php
}
?>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="txt_uname" placeholder="Username" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="password" class="form-control" name="txt_upass" placeholder="Password" required />
</div>
<div class="clearfix"></div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<button type="submit" name="login" class="btn btn-primary pull-right">
<i class="glyphicon glyphicon-log-in"></i> Login</button>
</div>
<div class="col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3" style="text-align: center;">
<label>Don't have an account yet? <a href="signup.php">Register now</a></label>
</div>
</form>
</div>
</div>
<footer class="navbar-fixed-bottom search-footer">
<div class="container">
<div class="row">
<?php include('inc/footer.php'); ?>
<?php
$page_title = "Love Deals Register";
require('inc/connect/config.php');
include('inc/header.php');
if($user->is_loggedin()!="") {
$user->redirect('home.php');
}
if(isset($_POST['signup'])) {
$u_fname = trim($_POST['sign_fname']);
$u_lname = trim($_POST['sign_lname']);
$u_tel = trim($_POST['sign_tel']);
$u_email = trim($_POST['sign_email']);
$uname = trim($_POST['sign_uname']);
$upass = trim($_POST['sign_upass']);
if($u_fname=="") {
$error[] = "please provide first name";
} else if ($u_lname=="") {
$error[] = "please provide last name";
} else if($u_tel=="") {
$error[] = "please provide contact number";
} else if($u_email=="") {
$error[] = "please provide an email address";
} else if(!filter_var($u_email, FILTER_VALIDATE_EMAIL)) {
$error[] = "please provide a valid email address";
} else if($uname=="") {
$error[] = "please provide username";
} else if($upass=="") {
$error[] = "please provide password";
} else if(strlen($upass) < 8) {
$error[] = "Password must be at least 8 characters";
} else {
try {
$stmt = $db->prepare("SELECT user FROM users WHERE user=:uname");
$stmt->execute(array(':uname'=>$uname));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
if($row['user']==$uname) {
$error[] = "sorry, username already taken! please choose another";
} else {
if($user->register($u_fname,$u_lname,$u_tel,$u_email,$uname,$upass)) {
$user->redirect('signup.php?joined');
}
}
} catch(PDOException $e) {
echo $e->getMessage();
}
}
}
?>
<div class="container" style="padding: 100px 0 0 0;">
<div class="form container">
<form method="post" id="signup">
<h3>Register</h3>
<?php if(isset($error)) {
foreach($error as $error) {
?>
<div class="alert alert-danger">
<i class="glyphicon glyphicon-warning-sign"></i> <?php echo $error; ?>
</div>
<?php
}
} else if(isset($_GET['joined'])) {
?>
<div class="alert alert-info">
<i class="glyphicon glyphicon-log-in"></i> Thanks! You are now registered. <a href="login.php">Login</a>
</div>
<?php
}
?>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_fname" placeholder="First Name" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_lname" placeholder="Last Name" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_tel" placeholder="Contact Number" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_email" placeholder="Email" value="<?php if(isset($error)){echo $umail;}?>" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_uname" placeholder="Username" value="<?php if(isset($error)){echo $uname;}?>" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="password" class="form-control" name="sign_upass" placeholder="Password" required />
</div>
<div class="clearfix"></div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3">
<button type="submit" class="btn btn-primary center-block" name="signup">
<i class="glyphicon glyphicon-open-file"></i> Register</button>
</div>
<div class="col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3" style="text-align: center;">
<label>Already have an account? <a href="login.php">Login</a></label>
</div>
</form>
</div>
</div>
<footer class="navbar-fixed-bottom search-footer">
<div class="container">
<div class="row">
<?php include('inc/footer.php'); ?>
<?php
$page_title = "Love Deals User Home";
require('inc/connect/config.php');
include('inc/header.php');
if(!$user->is_loggedin()) {
$user->redirect('login.php');
}
$user_id = $_SESSION['user_session'];
$stmt = $db->prepare("SELECT * FROM users WHERE id=:user_id");
$stmt->execute(array(":user_id"=>$user_id));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
?>
<div class="container" style="padding: 100px 0 0 0;">
<h3>welcome back <?php print($userRow['user']); ?></h3>
</div>
<div>
<label><a href="logout.php?logout=true"><i class="glyphicon glyphicon-log-out"> logout</a></label>
</div>
请登录
登录
你还没有账户吗?
signup.php
<?php
$page_title = "Love Deals Login";
require('inc/connect/config.php');
include('inc/header.php');
if($user->is_loggedin()!="") {
$user->redirect('home.php');
}
if(isset($_POST['login'])) {
$uname = $_POST['txt_uname'];
$upass = $_POST['txt_upass'];
if($user->login($uname,$upass)) {
$user->redirect('home.php');
} else {
$error = "Login failed. Please try again, or register";
}
}
?>
<div class="container" style="padding: 100px 0 0 0;">
<div class="form-container">
<form method="post" id="login">
<h3>Please login</h3>
<?php if(isset($error)) {
?>
<div class="alert alert-danger">
<i class="glyphicon glyphicon-warning-sign"></i> <?php echo $error; ?>
</div>
<?php
}
?>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="txt_uname" placeholder="Username" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="password" class="form-control" name="txt_upass" placeholder="Password" required />
</div>
<div class="clearfix"></div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<button type="submit" name="login" class="btn btn-primary pull-right">
<i class="glyphicon glyphicon-log-in"></i> Login</button>
</div>
<div class="col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3" style="text-align: center;">
<label>Don't have an account yet? <a href="signup.php">Register now</a></label>
</div>
</form>
</div>
</div>
<footer class="navbar-fixed-bottom search-footer">
<div class="container">
<div class="row">
<?php include('inc/footer.php'); ?>
<?php
$page_title = "Love Deals Register";
require('inc/connect/config.php');
include('inc/header.php');
if($user->is_loggedin()!="") {
$user->redirect('home.php');
}
if(isset($_POST['signup'])) {
$u_fname = trim($_POST['sign_fname']);
$u_lname = trim($_POST['sign_lname']);
$u_tel = trim($_POST['sign_tel']);
$u_email = trim($_POST['sign_email']);
$uname = trim($_POST['sign_uname']);
$upass = trim($_POST['sign_upass']);
if($u_fname=="") {
$error[] = "please provide first name";
} else if ($u_lname=="") {
$error[] = "please provide last name";
} else if($u_tel=="") {
$error[] = "please provide contact number";
} else if($u_email=="") {
$error[] = "please provide an email address";
} else if(!filter_var($u_email, FILTER_VALIDATE_EMAIL)) {
$error[] = "please provide a valid email address";
} else if($uname=="") {
$error[] = "please provide username";
} else if($upass=="") {
$error[] = "please provide password";
} else if(strlen($upass) < 8) {
$error[] = "Password must be at least 8 characters";
} else {
try {
$stmt = $db->prepare("SELECT user FROM users WHERE user=:uname");
$stmt->execute(array(':uname'=>$uname));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
if($row['user']==$uname) {
$error[] = "sorry, username already taken! please choose another";
} else {
if($user->register($u_fname,$u_lname,$u_tel,$u_email,$uname,$upass)) {
$user->redirect('signup.php?joined');
}
}
} catch(PDOException $e) {
echo $e->getMessage();
}
}
}
?>
<div class="container" style="padding: 100px 0 0 0;">
<div class="form container">
<form method="post" id="signup">
<h3>Register</h3>
<?php if(isset($error)) {
foreach($error as $error) {
?>
<div class="alert alert-danger">
<i class="glyphicon glyphicon-warning-sign"></i> <?php echo $error; ?>
</div>
<?php
}
} else if(isset($_GET['joined'])) {
?>
<div class="alert alert-info">
<i class="glyphicon glyphicon-log-in"></i> Thanks! You are now registered. <a href="login.php">Login</a>
</div>
<?php
}
?>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_fname" placeholder="First Name" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_lname" placeholder="Last Name" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_tel" placeholder="Contact Number" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_email" placeholder="Email" value="<?php if(isset($error)){echo $umail;}?>" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="text" class="form-control" name="sign_uname" placeholder="Username" value="<?php if(isset($error)){echo $uname;}?>" required />
</div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 login">
<input type="password" class="form-control" name="sign_upass" placeholder="Password" required />
</div>
<div class="clearfix"></div>
<div class="form-group col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3">
<button type="submit" class="btn btn-primary center-block" name="signup">
<i class="glyphicon glyphicon-open-file"></i> Register</button>
</div>
<div class="col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3" style="text-align: center;">
<label>Already have an account? <a href="login.php">Login</a></label>
</div>
</form>
</div>
</div>
<footer class="navbar-fixed-bottom search-footer">
<div class="container">
<div class="row">
<?php include('inc/footer.php'); ?>
<?php
$page_title = "Love Deals User Home";
require('inc/connect/config.php');
include('inc/header.php');
if(!$user->is_loggedin()) {
$user->redirect('login.php');
}
$user_id = $_SESSION['user_session'];
$stmt = $db->prepare("SELECT * FROM users WHERE id=:user_id");
$stmt->execute(array(":user_id"=>$user_id));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
?>
<div class="container" style="padding: 100px 0 0 0;">
<h3>welcome back <?php print($userRow['user']); ?></h3>
</div>
<div>
<label><a href="logout.php?logout=true"><i class="glyphicon glyphicon-log-out"> logout</a></label>
</div>
登记
谢谢您现在已注册。
“我只是将密码列设置为varchar,最多25个字符…–Kaylee”
这就是问题所在password\u hash()
生成60个字符。长度字符串
您当前的密码如下所示,例如:
$2y$10$.vGA1O9wmRjrwAVXD9
与它的外观相反,即:
2y$10$.vga1O9WMRJRWAVXD98HNOGSNPCZLQM3JQ7KNED1RVAGV3FYKK1A
“使用bcrypt算法(从PHP5.5.0起默认)。请注意,此常量旨在随着新的更强算法添加到PHP中而随时间变化。因此,使用此标识符的结果长度可能会随时间变化。因此,建议将结果存储在可扩展到60个字符以上的数据库列中(255个字符将是一个不错的选择)。”
- 您需要清除密码行,将列的长度更改为60+或按照手册建议的255,然后用新的哈希重新开始。
参考:
另外,看到您正在使用会话,请确保它是在使用会话的所有页面中启动的
检查错误
还要确保函数没有变量作用域问题
如果是这样,将db连接传递给它们
编辑:
我似乎错过了一些东西,OP很好心地将其包含在评论中:
“我现在已成功登录(Yaaay)…必须将$user->redirect()更改为header(),但它现在正在工作!”
“我只是将密码列设置为varchar,最多25个字符…–Kaylee”
这就是问题所在password\u hash()
生成60个字符。长度字符串
您当前的密码如下所示,例如:
$2y$10$.vGA1O9wmRjrwAVXD9
与它的外观相反,即:
2y$10$.vga1O9WMRJRWAVXD98HNOGSNPCZLQM3JQ7KNED1RVAGV3FYKK1A
“使用bcrypt算法(从PHP5.5.0起默认)。请注意,此常量旨在随着新的更强算法添加到PHP中而随时间变化。因此,使用此标识符的结果长度可能会随时间变化。因此,建议将结果存储在可扩展到60个字符以上的数据库列中(255个字符将是一个不错的选择)。”
- 您需要清除密码行,将列的长度更改为60+或按照手册建议的255,然后用新的哈希重新开始。
参考:
另外,看到您正在使用会话,请确保它是在使用会话的所有页面中启动的
检查错误
还要确保函数没有变量作用域问题
如果是这样,将db连接传递给它们
编辑:
我似乎错过了一些东西,OP很好心地将其包含在评论中:
“我现在已成功登录(Yaaay)…必须将$user->redirect()更改为header(),但它现在正在工作!”
这不是一个修复方案,但出于安全原因,我建议在会话中存储登录密钥,而不是id,然后创建一个随机的gen salt,并用salt散列密码。我认为会话已启动。密码列的长度是多少?抱歉。。。我只是将password列设置为varchar,最多25个字符…下面是我的答案。不是修复方法,但出于安全原因,我建议在会话中存储登录密钥,而不是id,然后创建一个随机的gen salt并用salt对密码进行哈希。我认为会话已启动。密码列的长度是多少?抱歉。。。我只是将密码列设置为varchar,最多25个字符…您有下面的答案,我的。downvoter,您想在这里解释一下吗?这很明显。你愿意和世界上其他人分享你的上帝赐予的智慧吗?谢谢,我现在就改变它,希望能解决它!弗雷德-ii-你绝对的上帝你,我现在已经成功登录(耶)。。。必须将$user->redirect()更改为header(),但它现在可以工作了!谢谢again@Kaylee很高兴听到,凯莉,干杯!不客气,唐纳,你能解释一下吗?这很明显。你愿意和世界上其他人分享你的上帝赐予的智慧吗?谢谢,我现在就改变它,希望能解决它!弗雷德-ii-你绝对的上帝你,我现在已经成功登录(耶)。。。必须将$user->redirect()更改为header(),但它现在可以工作了!谢谢again@Kaylee很高兴听到,凯莉,干杯!不客气。