HI我這裏有這個代碼,,它是登錄系統:空數據
elseif($_GET['action'] == "login"){
if(!empty($_GET['user_name']) && !Empty($_GET['password'])){
session_name('Huemix|Studio');
session_set_cookie_params(2*7*24*60*60);
sec_session_start();
$user = sql_safe($_GET['user_name']);
$pass = sql_safe($_GET['password']);
$rem = sql_safe($_GET['rememberMe']);
if(!count($err)){
$sql = sprintf("SELECT loginid FROM login WHERE username='%s' AND password = '%s'",$user,md5($pass));
$query = mysql_query($sql);
$row = mysql_fetch_assoc($query);
if(!$query){
echo mysql_error();
}else{
echo $row["username"];
echo $row["loginid"];
//echo $user;
// echo $pass;
}
if($row['username']){
$sql = sprintf("UPDATE login SET last_login='".time()."' WHERE username = '%s' AND password = '%s' ",$user,md5($pass));
$query = mysql_query($sql);
if($query){
$_SESSION['username'] = $row['username'];
$_SESSION['id'] = $row['loginid'];
$_SESSION['rememberMe'] = $rem;
setcookie("HuemixRemember",$rem);
header("Location : index.php");
}
echo '<p style="color: #ff0000;">Error in Login system ,, Please Call The Programmer !</p>';
}else{
echo '<p style="color: #ff0000;">Error in Username and/or Password !</p>';
}
}
}else{
echo '<p style="color: #ff0000;">All Fields are Required !</p>';
}
}
現在我做了一些安全功能,以我的劇本,他們是: sec_session_start(); 和 sql_safe(); 這裏是:代碼: sec_session_start();
function sec_session_start() {
$session_name = 'sec_session_id'; // Set a custom session name
$secure = false; // Set to true if using https.
$httponly = true; // This stops javascript being able to access the session id.
ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies.
$cookieParams = session_get_cookie_params(); // Gets current cookies params.
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
session_name($session_name); // Sets the session name to the one set above.
session_start(); // Start the php session
session_regenerate_id(true); // regenerated the session, delete the old one.
}
而且sql_safe():
function sql_safe($value){
if ($value){
$value = strip_tags($value);
$value = htmlspecialchars($value);
$value = trim($value);
$value = stripslashes($value);
$value = mysql_real_escape_string($value);
return $value;
}
else{
return false;
}
}
現在我的問題是在該行echo $row["username"];
沒有數據印刷,,我敢肯定,數據庫中有數據並且連接可以與數據庫 正常工作,並且我試圖執行echo $user;
以查看錯誤來自Interred從輸入框中輸入的值,但輸出與我插入的相同!
所以我真的不知道發生了什麼! 總是顯示由if語句if($row['username']){
造成的錯誤Error in Login system ,, Please Call The Programmer !
!!
另一個問題,請: 能否請你告訴我一個提示或代碼,以確保我的腳本,,一切「登錄,註銷,會話,餅乾......等」
並感謝^ _^