2
我試圖在託管的網頁上創建一個簡單的登錄系統。我有一個使用phpMyAdmin創建的MySQL數據庫和表。數據庫,HTML和PHP文件託管在同一臺服務器上。我可以添加用戶,帳戶信息出現在表格中。問題在於登錄。我總是收到「登錄失敗錯誤」。我用過的教程是located here。我已經檢查並重新檢查了錯誤密碼,我不認爲這是問題。我相信這個問題與fetchColumn()
命令有關。從我研究的內容來看,這個命令抓取下一行,這對我來說沒有意義,因爲用戶名,密碼和用戶ID都位於同一行,只是不同的列。使用PHP和MYSQL創建登錄腳本
這是用戶提交信息,然後調用登錄腳本的形式。下面的代碼有兩種形式;第一種形式是什麼在這個問題上很重要。
<?php
/*** begin our session ***/
session_start();
/*** set a form token ***/
$form_token = md5(uniqid('auth', true));
/*** set the session form token ***/
$_SESSION['form_token'] = $form_token;
?>
<html>
<head>
<title>Log In Page</title>
<link rel="stylesheet" type="text/css" href="formstyle.css">
</head>
<header>
Log In Page
</header>
<body>
<h2>Log In</h2>
<form action="login_submit.php" method="post">
<fieldset id="forms" >
<p>
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" maxlength="20"/>
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="password" value="" maxlength="20"/>
</p>
<p>
<input type="submit" value="Login"/>
</p>
</fieldset>
</form>
<h2>Create Account</h2>
<form action="adduser_submit.php" method="post">
<fieldset id="forms" >
<p>
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" maxlength="20"/>
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="password" value="" maxlength="20"/>
</p>
<p>
<input type="hidden" name="form_token" value="<?php echo $form_token; ?>" />
<input type="submit" value="Sign Up"/>
</p>
</fieldset>
</form>
</body>
</html>
這是login_submit腳本。
<?php
/*** begin our session ***/
session_start();
/*** check if the user is already logged in ***/
if(isset($_SESSION['userID']))
{
$message = 'User is already logged in';
}
/*** check that both the username and password have been submitted ***/
if(!isset($_POST['username'], $_POST['password']))
{
$message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen($_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
} `enter code here`
/*** check the password is the correct length ***/
elseif (strlen($_POST['password']) > 20 || strlen($_POST['password']) < 4)
{
$message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['username']) != true)
{
/*** if there is no match ***/
$message = "Username must be alpha numeric";
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
/*** now we can encrypt the password ***/
$password = sha1($password);
/*** connect to database ***/
/*** mysql hostname ***/
$mysql_hostname = 'localhost';
/*** mysql username ***/
$mysql_username = 'neticl5';
/*** mysql password ***/
$mysql_password = 'corrupted707';
/*** database name ***/
$mysql_dbname = 'neticl5_apptest';
try
{
$dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
/*** $message = a message saying we have connected ***/
/*** set the error mode to excptions ***/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** prepare the select statement ***/
$stmt = $dbh->prepare('SELECT userID, username, password FROM useraccounts
WHERE username = :username AND password = :password');
/*** bind the parameters ***/
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR, 40);
/*** execute the prepared statement ***/
$stmt->execute();
/*** check for a result ***/
$userID = $stmt->fetchColumn();
/*** if we have no result then fail boat ***/
if($userID == false)
{
$message = 'Login Failed';
}
/*** if we do have a result, all is well ***/
else
{
/*** set the session user_id variable ***/
$_SESSION['userID'] = $userID;
/*** tell the user we are logged in ***/
$message = 'You are now logged in';
}
}
catch(Exception $e)
{
/*** if we are here, something has gone wrong with the database ***/
$message = 'We are unable to process your request. Please try again later';
}
}
?>
<html>
<head>
<title>Log In</title>
</head>
<body>
<p><?php echo $message; ?></p>
</body>
</html>
我想閱讀該教程嗎?呵呵 – 2014-11-09 03:34:34
PHP開啓標籤('<?php')之前的空白是有問題的。在調用'session_open()'](http://php.net/session_start#refsect1-function.session-start-notes)之前,你不能發送任何*輸出。 – 2014-11-09 05:00:57