PHP登录麻烦 [英] PHP login trouble

问题描述

我在网上找到的PHP登录遇到了麻烦-

Having some trouble with a PHP login that I found online -

 <?php

$host="localhost"; // Host name 
$username="SOME_USERNAME"; // Mysql username 
$password="SOME_PASSWORD"; // Mysql password 
$db_name="b00556019"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
  if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
 }
else {
echo "Wrong Username or Password";
}
 ?>

错误在第16-17行，并显示如下-

The error is on lines 16-17 and shows as follow -

Notice: Undefined index: myusername in E:\home\students\2137\B00556019\public_html\workspace\login\checklogin.php on line 16

Notice: Undefined index: mypassword in E:\home\students\2137\B00556019\public_html\workspace\login\checklogin.php on line 17

用户名或密码错误

这是两行无效:

 $myusername=$_POST['myusername']; 
 $mypassword=$_POST['mypassword']; 

这是HTML

<!DOCTYPE HTML>
<html>
<head>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>#

任何有想法或更好的教程示例的人，将不胜感激:)

Anybody with any ideas or a better tutorial example would be greatly appreciated :)

推荐答案

$_POST[]包含来自HTML表单提交的数据.如果用户未发送表单，则$myusername字段将为空，因为在数组中找不到索引(实际上是键)'myusername'.这就是为什么您会收到这些错误.

$_POST[] contains data from form submissions from HTML. If an user didn't have send in a form, the $myusername field will be empty because the index (actually the key) 'myusername' cannot be found in the array. That's why you are getting these errors.

// username and password sent from form 
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword']; 

为确保POST数据(来自表单提交)包含键/索引，请使用isset()命令，(或

to ensure that the POST data (from form submissions) contains the keys/indexes, please use isset() command, (or array_key_exists(), both works.)

if(isset($_POST['myusername']) && isset($_POST['mypassword']) {
    // username and password sent from form 
    $myusername=$_POST['myusername']; 
    $mypassword=$_POST['mypassword'];
    // To protect MySQL injection (more detail about MySQL injection)
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1){
        // Register $myusername, $mypassword and redirect to file "login_success.php"
        session_register("myusername");
        session_register("mypassword"); 
        header("location:login_success.php");
    }
    else {
        echo "Wrong Username or Password";
    } 
}

但是，如果要使用$_POST，则必须在HTML中编写一个表单.我也建议不要使用表格来对齐HTML表单元素.这不是一个优雅的解决方案.有很多关于方法堆栈溢出的示例.

But if you want to use the $_POST, you have to write a form in your HTML. Also i recommend to not use table for aligning the HTML form elements. It's not an elegant solution. There are many examples on stackoverflow of how-to.

以下是HTML5中表单的示例

Here below is an example of your form in HTML5

<form action="#" method="post">
     <label for="myusername">Your username : </label>
     <input name="myusername" type="text" id="myusername" />
     <label for="mypassword">Your password : </label>
     <input name="mypassword" type="password" id="mypassword" />
     <input type="submit" name="Submit" value="Login">
</form>

<label for="input id"> 将标签文本连接到输入框.如果用户单击文本，则for属性可确保浏览器将焦点放在for所指向的输入元素上.

the <label for="input id"> hooks a label text to the input box. If an user clicks on the text, the for attribute ensures the browser that the focus will be at the input element where the for is pointing to.

然后 <input> 具有许多属性. name字段用于服务器端程序来处理表单提交.浏览器本身的id.它主要由CSS和客户端脚本使用.

Then the <input> has many attributes. The name field is used for serverside programs to handle the form submissions. The id for the browser itself. It is mainly used by CSS and client side scripts.

此外，您正在使用一个过时的教程来实现登录网页. mysql()函数已被正式弃用.请改用 PDO .

Also, you are using a very outdated tutorial to achieve a login webpage. mysql() functions are officially deprecated. Please use PDO instead.

此外，

Also, this tutorial should guide you in the PDO world without problems

这篇关于PHP登录麻烦的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！