用于登录表单的操作脚本不起作用 [英] Action script for login form not working
问题描述
在理解为什么我的脚本无法登录的问题上存在问题,所以它是一个简单的登录脚本,用于检查用户和字段是否符合预期,但是它执行的逻辑似乎不是用户登录的:S
动作脚本:
<?php
$ b $ ($ SERVER ['REQUEST_METHOD'] =='POST')
{
require('connect_db.php');
require('login_tools.php');
list($ check,$ data)=
validate($ dbc,$ _POST ['email'],$ _POST ['pass']);
if($ check)
{
session_start();
$ _SESSION ['user_id'] = $ data ['user_id'];
$ _SESSION ['first_name'] = $ data ['first_name'];
$ _SESSION ['last_name'] = $ data ['last_name'];
load('home.php');
}
else {$ errors = $ data; }
mysqli_close($ dbc);
}
?>
处理登录的动作脚本:
< pre $
<?php
函数加载($ page ='login.php')
{
$ url ='http://'。 $ SERVER ['HTTP_HOST']。
dirname($ _SERVER ['PHP_SELF']);
$ url = rtrim($ url,'/ \\');
$ url ='/'。 $ page;
header(location:$ url);
exit();
$ b函数验证($ dbc,$ email =',$ pwd =')
{
$ errors = array();
if(空($ email))
{$ errors [] ='输入您的电子邮件地址。'; }
else
{$ e = mysqli_real_escape_string($ dbc,trim($ email)); }
$ b $ if(空($ pwd))
{$ errors [] ='输入您的密码。'; }
else
{$ e = mysqli_real_escape_string($ dbc,trim($ pwd)); }
if(empty($ errors))
{
$ q =SELECT user_id,first_name,last_name FROM users WHERE enail =' $ e'AND pass = SHA1('$ p');
$ r = mysqli_query($ dbc,$ q);
$ b $ if(mysqli_num_rows($ r)== 1)
{
$ row = mysqli_fetch_array($ r,MYSQLI_ASSOC);
返回数组(true,$ row);
}
else
{
$ errors [] ='找不到电子邮件地址和密码';
}
返回数组(false,$ errors); }
}
?>
它将落在这里......
<?php
session_start();
$ b $ if(!isset($ _SESSION ['user_id']))
{
require('login_tools.php');
load();
}
$ page_title ='Home';
echo'< p>
< a href =goodbye.php>注销< / a>
< / p> ;
?>
登录脚本尝试执行login_action.php,但dosnt从那里移动...我没有语法错误虽然?
您拼错了$ _SERVER变量 - 没有像$ SERVER那样的东西
编辑
login_tools.php
函数validate($ dbc,$ email =',$ pwd =')
应该是:
函数验证($ dbc,$ email ='',$ pwd ='')
下一个:
$ e = mysqli_real_escape_string( $ dbc,trim($ pwd));
应为:
$ p = mysqli_real_escape_string($ dbc,trim($ pwd));
并且if语句后返回语句:
<如果(空($错误)){
...
}
return array(false,$ errors); pre>
我希望你正在玩PHP或其他东西,因为这是非常糟糕的代码。但你知道,对吗?
having problems understanding why my script to login will not work, so its a simple login script that checks the users and fields as expected yet when it does the logic it does not seem to be loggin in the users :S
action script:
<?php
if ( $SERVER[ 'REQUEST_METHOD' ] == 'POST' )
{
require ( 'connect_db.php' );
require ( 'login_tools.php' );
list ( $check , $data ) =
validate ( $dbc , $_POST[ 'email' ] , $_POST [ 'pass' ] ) ;
if ( $check )
{
session_start() ;
$_SESSION[ 'user_id' ] = $data [ 'user_id' ] ;
$_SESSION[ 'first_name' ] = $data [ 'first_name' ] ;
$_SESSION[ 'last_name' ] = $data [ 'last_name' ] ;
load ('home.php');
}
else { $errors = $data ; }
mysqli_close( $dbc );
}
?>
An action script to process the login:
<?php
function load( $page = 'login.php')
{
$url = 'http://' . $SERVER['HTTP_HOST'] .
dirname( $_SERVER ['PHP_SELF'] );
$url = rtrim( $url , '/\\' );
$url = '/' . $page ;
header ( "location: $url" );
exit();
}
function validate( $dbc , $email = ',$pwd = ')
{
$errors = array();
if (empty($email))
{ $errors[] = 'Enter your email address.' ; }
else
{ $e = mysqli_real_escape_string( $dbc , trim( $email ) ) ; }
if (empty($pwd))
{ $errors[] = 'Enter your password.' ; }
else
{ $e = mysqli_real_escape_string( $dbc , trim( $pwd ) ) ; }
if ( empty( $errors ) )
{
$q = "SELECT user_id, first_name, last_name FROM users WHERE enail = '$e' AND pass = SHA1( '$p' )";
$r = mysqli_query ( $dbc , $q ) ;
if ( mysqli_num_rows( $r ) == 1 )
{
$row = mysqli_fetch_array ( $r , MYSQLI_ASSOC );
return array (true , $row );
}
else
{
$errors[] = 'Email address and password not found.' ;
}
return array( false , $errors) ; }
}
?>
And it will land here...
<?php
session_start();
if ( !isset( $_SESSION[ 'user_id' ] ) )
{
require ( 'login_tools.php' ) ;
load() ;
}
$page_title = 'Home' ;
echo'<p>
<a href="goodbye.php">logout</a>
</p> ';
?>
The login script tried to execute login_action.php but dosnt move from there...I have no syntax errors though?
You misspelled $_SERVER variable - there is not such thing like $SERVER
EDIT
login_tools.php
function validate($dbc, $email = ',$pwd = ')
should be:
function validate($dbc, $email = '' , $pwd = '')
next:
$e = mysqli_real_escape_string($dbc, trim($pwd));
should be:
$p = mysqli_real_escape_string($dbc, trim($pwd));
and return statement move after if statement:
if (empty($errors)) {
...
}
return array(false, $errors);
I hope that you're playing around with PHP or something, beacuse this is really bad code. But you know that, right?
这篇关于用于登录表单的操作脚本不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!