登录可以在台式机上进行,但不能在手机上进行吗? [英] Login works on desktop but not mobile?
问题描述
因此,我正在使用php-login-minimal来处理几乎完整的网站上的登录信息.
登录系统可以在台式机上完美运行,但在平板电脑或移动设备上,它的工作方式就像正在正常工作并登录我一样,但最终我还是在同一页面上要求我登录.
我不明白为什么它可以在台式机上运行而不能在移动设备上运行.该网页是为这两个网页加载的同一页面,因为我正在使用响应式设计来缩放内容以适合正在使用的任何屏幕,但是登录系统不会返回错误或任何可帮助我的信息. /p>
我已经在Login.php脚本中注意到有一行代码elseif (isset($_POST["login"])) {,但是除了提交按钮之外,所有表单元素都没有名称"login",你们认为这可能是一个问题?
我也在考虑修改代码以在URL(www.example.com/index?login)中指定登录名,看看是否可行,但是我不想像以前那样更改代码还没有完全了解.
谢谢大家的帮助!
我的登录表单
<form method="post" action="index.php" name="loginForm" id="loginForm">
<label for="login_input_username">Username</label>
<input id="login_input_username" class="login_input" type="text" name="user_name" required /><span class="linebreak"></span>
<label for="login_input_password">Password</label>
<input id="login_input_password" class="login_input" type="password" name="user_password" autocomplete="off" required /><span class="linebreak"></span>
<span class="loginregister"><input type="submit" name="login" value="Log in" /></span></form>
登录代码
index.php
<?php
if (version_compare(PHP_VERSION, '5.3.7', '<')) {
exit("Sorry, Simple PHP Login does not run on a PHP version smaller than 5.3.7 !");
} else if (version_compare(PHP_VERSION, '5.5.0', '<')) {
// if you are using PHP 5.3 or PHP 5.4 you have to include the password_api_compatibility_library.php
// (this library adds the PHP 5.5 password hashing functions to older versions of PHP)
require_once("libraries/password_compatibility_library.php");
}
// include the configs / constants for the database connection
require_once("config/db.php");
// load the login class
require_once("classes/Login.php");
// create a login object. when this object is created, it will do all login/logout stuff automatically
// so this single line handles the entire login process. in consequence, you can simply ...
$login = new Login();
// ... ask if we are logged in here:
if ($login->isUserLoggedIn() == true) {
// the user is logged in. you can do whatever you want here.
// for demonstration purposes, we simply show the "you are logged in" view.
include("views/logged_in.php");
} else {
// the user is not logged in. you can do whatever you want here.
// for demonstration purposes, we simply show the "you are not logged in" view.
include("views/not_logged_in.php");
}
classes/Login.php
<?php
/**
* Class login
* handles the user's login and logout process
*/
class Login
{
/**
* @var object The database connection
*/
private $db_connection = null;
/**
* @var array Collection of error messages
*/
public $errors = array();
/**
* @var array Collection of success / neutral messages
*/
public $messages = array();
/**
* the function "__construct()" automatically starts whenever an object of this class is created,
* you know, when you do "$login = new Login();"
*/
public function __construct()
{
// create/read session, absolutely necessary
session_start();
// check the possible login actions:
// if user tried to log out (happen when user clicks logout button)
if (isset($_GET["logout"])) {
$this->doLogout();
}
// login via post data (if user just submitted a login form)
elseif (isset($_POST["login"])) {
$this->dologinWithPostData();
}
}
/**
* log in with post data
*/
private function dologinWithPostData()
{
// check login form contents
if (empty($_POST['user_name'])) {
$this->errors[] = "Username field was empty.";
} elseif (empty($_POST['user_password'])) {
$this->errors[] = "Password field was empty.";
} elseif (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
// create a database connection, using the constants from config/db.php (which we loaded in index.php)
$this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
// change character set to utf8 and check it
if (!$this->db_connection->set_charset("utf8")) {
$this->errors[] = $this->db_connection->error;
}
// if no connection errors (= working database connection)
if (!$this->db_connection->connect_errno) {
// escape the POST stuff
$user_name = $this->db_connection->real_escape_string($_POST['user_name']);
// database query, getting all the info of the selected user (allows login via email address in the
// username field)
$sql = "SELECT user_name, user_email, user_password_hash
FROM users
WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_name . "';";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
// using PHP 5.5's password_verify() function to check if the provided password fits
// the hash of that user's password
if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
// write user data into PHP SESSION (a file on your server)
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
print "<script type=\"text/javascript\">";
print "window.top.location.href='index.php'";
print "</script>";
exit;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
} else {
$this->errors[] = "Database connection problem.";
}
}
}
/**
* perform the logout
*/
public function doLogout()
{
// delete the session of the user
$_SESSION = array();
session_destroy();
// return a little feeedback message
$this->messages[] = "You have been logged out.";
}
/**
* simply return the current state of the user's login
* @return boolean user's login status
*/
public function isUserLoggedIn()
{
if (isset($_SESSION['user_login_status']) AND $_SESSION['user_login_status'] == 1) {
return true;
}
// default return
return false;
}
}
not_logged_in.php文件(logged_in.php与之相似,只是形式不能从display:none更改,因为用于链接的链接已更改为注销链接:
<?php
// show potential errors / feedback (from login object)
if (isset($login)) {
if ($login->errors) {
foreach ($login->errors as $error) {
echo $error;
}
}
if ($login->messages) {
foreach ($login->messages as $message) {
echo $message;
}
}
}
?>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<link href="styles/main.css" rel="stylesheet" type="text/css">
<meta name="viewport" content="device-width, initial-scale=1, maximum-scale=1">
<script type="text/javascript">
function showForm(){
document.getElementById('login').style.display = "block";
}
function hideForm(){
document.getElementById('login').style.display = "none";
}
</script>
</head>
<body>
<header>
<div class="logo" id="logo">
<a href="#">Website Title</a>
</div>
<?php include("navigation.php"); ?>
</header>
<div id="login" class="login" style="display:none">
<div id="forms" class="forms">
<form method="post" action="index.php" name="loginForm" id="loginForm">
<label for="login_input_username">Username</label>
<input id="login_input_username" class="login_input" type="text" name="user_name" required /><span class="linebreak"></span>
<label for="login_input_password">Password</label>
<input id="login_input_password" class="login_input" type="password" name="user_password" autocomplete="off" required /><span class="linebreak"></span>
<span class="loginregister"><input type="submit" name="login" value="Log in" /></span></form><form action="#"><span class="loginregister"><input type="submit" value="Register"></span></form>
</div>
</div>
您的index.php文件(可能还有其他文件)向您发出该警告,因为您的HTML表单可能位于PHP之上,或者位于空格,cookie或BOM(字节顺序标记)之上.
您文件的编码可能包含字节顺序标记,这通常是导致标题发送警告的主要原因. UTF-8编码使您可以将文件另存为字节顺序标记带有"或不带有";您需要将它们另存为没有BOM".
这被认为是输出,<?php标记或cookie之前的空格也是如此.
要检查文件的编码是什么,可以在编码"选项下的代码编辑器选项内进行检查.
其中之一是Notepad ++ https://notepad-plus-plus.org/和还有其他人.
首先放置PHP,然后放置表单.
请向Stack咨询有关该警告的以下内容:
另外,一个快速的解决方法是在PHP文件的顶部使用ob_start();.
即:
<?php
ob_start();
// rest of your PHP
?>
然后输入HTML
或
<?php
ob_start();
?>
-
然后输入HTML
-
然后是其余的PHP/SQL.
加上,最初在评论中指出:
这些
'" . $user_name . "'包含空格,可能被解释为添加了额外的空格.请尝试删除它们'" .$user_name. "'或'".$user_name."'"
So I'm using php-login-minimal to handle logins on my almost complete website.
The login system works perfectly on desktop, but on tablet or mobile it acts as though it's working and logging me in but ultimately I end up at the same page asking me to log in.
I don't understand why it would work on desktop but not mobile. The webpage is the same page that is loaded for both, as I am using a responsive design to scale the content to fit whatever screen is being used, but the logging in system doesn't return an error or anything to help me out.
I've noticed in the Login.php script that there is a line of code elseif (isset($_POST["login"])) { but none of the form elements have the name "login" other than the submit button, do you guys reckon that could be an issue?
I was also thinking about adapting the code a little bit to specify login in the URL (www.example.com/index?login) and see if that works, but I don't want to change the code as I don't fully understand it all yet.
Thanks for any help though guys!
My Login Form
<form method="post" action="index.php" name="loginForm" id="loginForm">
<label for="login_input_username">Username</label>
<input id="login_input_username" class="login_input" type="text" name="user_name" required /><span class="linebreak"></span>
<label for="login_input_password">Password</label>
<input id="login_input_password" class="login_input" type="password" name="user_password" autocomplete="off" required /><span class="linebreak"></span>
<span class="loginregister"><input type="submit" name="login" value="Log in" /></span></form>
The Login Code
index.php
<?php
if (version_compare(PHP_VERSION, '5.3.7', '<')) {
exit("Sorry, Simple PHP Login does not run on a PHP version smaller than 5.3.7 !");
} else if (version_compare(PHP_VERSION, '5.5.0', '<')) {
// if you are using PHP 5.3 or PHP 5.4 you have to include the password_api_compatibility_library.php
// (this library adds the PHP 5.5 password hashing functions to older versions of PHP)
require_once("libraries/password_compatibility_library.php");
}
// include the configs / constants for the database connection
require_once("config/db.php");
// load the login class
require_once("classes/Login.php");
// create a login object. when this object is created, it will do all login/logout stuff automatically
// so this single line handles the entire login process. in consequence, you can simply ...
$login = new Login();
// ... ask if we are logged in here:
if ($login->isUserLoggedIn() == true) {
// the user is logged in. you can do whatever you want here.
// for demonstration purposes, we simply show the "you are logged in" view.
include("views/logged_in.php");
} else {
// the user is not logged in. you can do whatever you want here.
// for demonstration purposes, we simply show the "you are not logged in" view.
include("views/not_logged_in.php");
}
classes/Login.php
<?php
/**
* Class login
* handles the user's login and logout process
*/
class Login
{
/**
* @var object The database connection
*/
private $db_connection = null;
/**
* @var array Collection of error messages
*/
public $errors = array();
/**
* @var array Collection of success / neutral messages
*/
public $messages = array();
/**
* the function "__construct()" automatically starts whenever an object of this class is created,
* you know, when you do "$login = new Login();"
*/
public function __construct()
{
// create/read session, absolutely necessary
session_start();
// check the possible login actions:
// if user tried to log out (happen when user clicks logout button)
if (isset($_GET["logout"])) {
$this->doLogout();
}
// login via post data (if user just submitted a login form)
elseif (isset($_POST["login"])) {
$this->dologinWithPostData();
}
}
/**
* log in with post data
*/
private function dologinWithPostData()
{
// check login form contents
if (empty($_POST['user_name'])) {
$this->errors[] = "Username field was empty.";
} elseif (empty($_POST['user_password'])) {
$this->errors[] = "Password field was empty.";
} elseif (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
// create a database connection, using the constants from config/db.php (which we loaded in index.php)
$this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
// change character set to utf8 and check it
if (!$this->db_connection->set_charset("utf8")) {
$this->errors[] = $this->db_connection->error;
}
// if no connection errors (= working database connection)
if (!$this->db_connection->connect_errno) {
// escape the POST stuff
$user_name = $this->db_connection->real_escape_string($_POST['user_name']);
// database query, getting all the info of the selected user (allows login via email address in the
// username field)
$sql = "SELECT user_name, user_email, user_password_hash
FROM users
WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_name . "';";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
// using PHP 5.5's password_verify() function to check if the provided password fits
// the hash of that user's password
if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
// write user data into PHP SESSION (a file on your server)
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
print "<script type=\"text/javascript\">";
print "window.top.location.href='index.php'";
print "</script>";
exit;
} else {
$this->errors[] = "Wrong password. Try again.";
}
} else {
$this->errors[] = "This user does not exist.";
}
} else {
$this->errors[] = "Database connection problem.";
}
}
}
/**
* perform the logout
*/
public function doLogout()
{
// delete the session of the user
$_SESSION = array();
session_destroy();
// return a little feeedback message
$this->messages[] = "You have been logged out.";
}
/**
* simply return the current state of the user's login
* @return boolean user's login status
*/
public function isUserLoggedIn()
{
if (isset($_SESSION['user_login_status']) AND $_SESSION['user_login_status'] == 1) {
return true;
}
// default return
return false;
}
}
The not_logged_in.php file (logged_in.php is similar, just the form cannot be changed from display:none as the link used to do that changes to a logout link:
<?php
// show potential errors / feedback (from login object)
if (isset($login)) {
if ($login->errors) {
foreach ($login->errors as $error) {
echo $error;
}
}
if ($login->messages) {
foreach ($login->messages as $message) {
echo $message;
}
}
}
?>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<link href="styles/main.css" rel="stylesheet" type="text/css">
<meta name="viewport" content="device-width, initial-scale=1, maximum-scale=1">
<script type="text/javascript">
function showForm(){
document.getElementById('login').style.display = "block";
}
function hideForm(){
document.getElementById('login').style.display = "none";
}
</script>
</head>
<body>
<header>
<div class="logo" id="logo">
<a href="#">Website Title</a>
</div>
<?php include("navigation.php"); ?>
</header>
<div id="login" class="login" style="display:none">
<div id="forms" class="forms">
<form method="post" action="index.php" name="loginForm" id="loginForm">
<label for="login_input_username">Username</label>
<input id="login_input_username" class="login_input" type="text" name="user_name" required /><span class="linebreak"></span>
<label for="login_input_password">Password</label>
<input id="login_input_password" class="login_input" type="password" name="user_password" autocomplete="off" required /><span class="linebreak"></span>
<span class="loginregister"><input type="submit" name="login" value="Log in" /></span></form><form action="#"><span class="loginregister"><input type="submit" value="Register"></span></form>
</div>
</div>
After OP used error reporting, as I suggested in comments:
"Right away, after adding it to the index.php page and loading up I got: Warning: session_start(): Cannot send session cache limiter - headers already sent, I also get a similar one on mobile that says session cookie headers in place of session cache limiter. – radiocaf"
Your index.php file (and possibly other files) is throwing you that warning because you might have your HTML form on top of PHP, or a space, or cookie, or even a BOM (byte order mark).
- Reference on BOM: https://en.wikipedia.org/wiki/Byte_order_mark
Your files' encoding may contain a byte order mark, which is often the leading cause to a headers sent warning. The UTF-8 encoding lets you save files as "with" or "without" the byte order mark; you need to save them as "without BOM".
That is considered as output, as are spaces before an opening <?php tag, or a cookie etc.
To check what the file's encoding is, you can check inside a code editor's options under the encoding option.
One of which is Notepad++ https://notepad-plus-plus.org/ and there are others also.
Place your PHP first, then your form if that is the case.
Consult the following on Stack about that warning:
Additionally, a quick fix would be to use ob_start(); at the top of your PHP files.
I.e.:
<?php
ob_start();
// rest of your PHP
?>
then your HTML
or
<?php
ob_start();
?>
then your HTML
then the rest of your PHP/SQL.
Plus, as originally stated in comments:
" these
'" . $user_name . "'contain spaces and may be interpreted as extra spaces being added. Try to remove them'" .$user_name. "'or'".$user_name."'"
这篇关于登录可以在台式机上进行,但不能在手机上进行吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
