登录脚本问题 [英] Login script problem

查看：42 发布时间：2021/6/6 20:34:52 php mysql

本文介绍了登录脚本问题的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

<块引用>

可能的重复:
如果登录名错误，则不会收到错误消息，只是空白 div，但如果用户名正确，我可以检测到错误的密码

我一直在努力让这段代码工作，我改变了它以前的方式.请问您能发现问题吗?如果登录正确，我仍然会收到用户名或密码不正确".请帮助这里是代码:

<html lang="zh-cn" ><头><title>登录 |JM Today </title><link href="Mainstyles.css" type="text/css" rel="stylesheet"/><身体><div class="容器"><?php include("header.php");?><?php include("navbar.php");?><?php include("cleanquery.php") ?><div id="包裹"><?phpini_set('display_errors', 'On');错误报告(E_ALL ^ E_NOTICE | E_STRICT)；$conn=mysql_connect("localhost", "***", "***") 或 die(mysql_error());mysql_select_db('jmtdy', $conn) 或 die(mysql_error());if(( strlen($_POST['user']) >0) && (strlen($_POST['pass']) >0) && isset($_POST['sublogin'])){checklogin($_POST['user'], $_POST['pass']);}elseif(( strlen($_POST['user']) ==0) || (strlen($_POST['pass']) ==0)){echo '<p class="statusmsg">您没有填写必填字段.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";返回;}别的{echo '<p class="statusmsg">你来错了，是不是?</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";返回;}功能检查登录($用户名，$密码){$username=mysql_real_escape_string($username);$password=mysql_real_escape_string($password);$result=mysql_query("select username from users where username = '$username'");如果($结果！=假){$dbArray=mysql_fetch_array($result);$dbArray['password']=mysql_real_escape_string($dbArray['password']);$dbArray['username']=mysql_real_escape_string($dbArray['username']);if(($dbArray['password'] != $password) || ($dbArray['username'] != $username)){echo '<p class="statusmsg">您输入的用户名或密码不正确.请重试.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";返回;}$_SESSION['用户名']=$用户名；$_SESSION['password']=$password;if(isset($_POST['记住'])){setcookie("jmuser",$_SESSION['用户名'],time()+60*60*24*356);setcookie("jmpass",$_SESSION['用户名'],time()+60*60*24*356);}}别的{echo'<p class="statusmsg">您输入的用户名或密码不正确.请重试.</p><br/>input type="button" value="Retry" onClick="location.href='."'login.php'\">";返回;}}?>

<br/><br/><?php include("footer.php") ?>

</html>

解决方案

您只是从您的数据库中选择了用户名，但您正在尝试比较密码 返回的结果不存在.您还需要选择 password，否则与提供的密码的比较将始终为 false 或错误.

另外，我刚刚意识到您似乎以纯文本形式存储密码.请不要这样做.

Possible Duplicate:
Don't get error message if login name is wrong, just blank div, but I can detect wrong password if username is correct

I have been trying to get this code to work, I changed it from how it was previously. Could you please discover the problem? If the sign in is correct I still get "The username or password is incorrect." Please help here is the code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" >
<head>
    <title>Login | JM Today </title>
    <link href="Mainstyles.css" type="text/css" rel="stylesheet" />
</head>
<body>
<div class="container">
    <?php include("header.php"); ?>
    <?php include("navbar.php"); ?>
    <?php include("cleanquery.php") ?>  

    <div id="wrap">

       <?php
       ini_set('display_errors', 'On');
        error_reporting(E_ALL ^ E_NOTICE | E_STRICT);

        $conn=mysql_connect("localhost", "***", "***") or die(mysql_error());
        mysql_select_db('jmtdy', $conn) or die(mysql_error());

        if(( strlen($_POST['user']) >0) && (strlen($_POST['pass']) >0) && isset($_POST['sublogin'])) {

            checklogin($_POST['user'], $_POST['pass']);

        }
        elseif(( strlen($_POST['user']) ==0) || (strlen($_POST['pass']) ==0)){

            echo '<p class="statusmsg">You didn\'t fill in the required fields.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";
            return;
        }
        else{

            echo '<p class="statusmsg">You came here by mistake, didn\'t you?</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";
            return;

        }   

      function checklogin($username, $password){

        $username=mysql_real_escape_string($username);
        $password=mysql_real_escape_string($password);

            $result=mysql_query("select username from users where username = '$username'");
            if($result != false){

                $dbArray=mysql_fetch_array($result);
                $dbArray['password']=mysql_real_escape_string($dbArray['password']);
                $dbArray['username']=mysql_real_escape_string($dbArray['username']);

                if(($dbArray['password'] != $password ) || ($dbArray['username'] != $username)){
                    echo '<p class="statusmsg">The username or password you entered is incorrect. Please try again.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";
                    return;
                }
                $_SESSION['username']=$username;
                $_SESSION['password']=$password;

                if(isset($_POST['remember'])){
                    setcookie("jmuser",$_SESSION['username'],time()+60*60*24*356);  
                    setcookie("jmpass",$_SESSION['username'],time()+60*60*24*356);
                }
            }

            else{
                echo'<p class="statusmsg">  The username or password you entered is incorrect. Please try again.</p><br/>input type="button" value="Retry" onClick="location.href='."'login.php'\">";
                return;
            }
        }           


      ?>
        </div>
        <br/>
        <br/>
<?php include("footer.php") ?>
</div>
</body>

</html>

解决方案

You're only selecting the username from your database, yet you're trying to compare the password with a non-existent returned result. You need to select the password as well or the comparison with the supplied password will always be either false or an error.

Edit: Also, I just realized that you seem to be storing passwords in plain text. Please don't do that.

这篇关于登录脚本问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

登录脚本问题 [英] Login script problem

问题描述

相关文章

PHP最新文章

热门教程

热门工具

登录关闭

登录脚本问题 [英] Login script problem

问题描述

相关文章

PHP最新文章

热门教程

热门工具

登录 关闭

登录关闭