最受欢迎

表单POST,不读取任何值

Form POST, not reading any value

本文关键字:读取 任何值 POST 表单 | 更新日期: 2023-09-27

我忙了几个小时来解决这个问题,但它不起作用。我的逻辑必须有效,但不是,这是我最后一个问问题的地方,我现在正在做,希望有人能帮我。我尝试使用MySqli检查MySql数据库中的$_POST值,并检查计数是否正确。之后,我检查密码是否与给定的密码相同。我使用了这种方式,这样我就可以确定用户是否提供了无效的用户名或密码,并向他们显示有关它的错误。我目前所知道的是,登录脚本不会读取$_POST中的任何值。我需要一些很好的帮助。这是代码:

HTML:

<form action="inc/login.php" method="post">
<label for="gr_username">Gamertag </label>
<input type="text" id="gr_username" name="gr_username" class="panel panel-default" placeholder="GT" style="width:120px;height:25px;"/>
<br>
<label for="gr_password">Password </label>
<input type="password" id="gr_password" name="gr_password" class="panel panel-default" placeholder="Password" style="width:120px;height:25px;"/>
<br><br>
<input type="submit" id="submit" class="btn btn-primary" value=" LOGIN "/>
</form>

PHP:

<?php
error_reporting(-1);
ini_set('display_errors', 'On');
include_once('../../inc/db.php'); 
$link = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname); 
$username   = mysqli_real_escape_string($_POST['gr_username']);
$password0  = mysqli_real_escape_string($_POST['gr_password']);
$password  = hash('whirlpool', $password0);
if(!$link) 
{ 
header('Location: ../login.php?err=Servers not available at the moment! Please try again later. [ERRCODE: L01]');
} 
$sql = "SELECT * FROM leaders WHERE username = '" . $username . "'";
$res = mysqli_query($link, $sql);
if(!$res) 
{ 
header('Location: ../login.php?err=Servers not available at the moment! Please try again later. [ERRCODE: L03]');
}
else 
{ 
    $totalrows = mysqli_num_rows($res); 
    if ($totalrows > 0) {
    while($row = mysqli_fetch_assoc($res)) 
    { 
    if ($password == $row['password']) {
        $_SESSION['gamertag'] = $row['username']; 
        $_SESSION['socialclub'] = $row['socialclub']; 
        $_SESSION['leaderid'] = $row['id'];
        } else { 
        header('Location: ../login.php?err=Invalid Password! Try again.');
        }
    } 
    header('Location: ../index.php?grmsg=You are successfully logged into the Leader Panel!');
} else {
header('Location: ../login.php?err=Username not found! Try again.');
}
}
?>

希望你能帮我。提前感谢!

  • A

由于得到了Invalid Password! Try again.,这意味着至少找到了用户。

这证实了查询有效,但也意味着:

hash('whirlpool', $password0) != $row['password']

这就是你需要调查为什么不满足条件的地方。

首先,如果我是你,我会做:

if ($password == $row['password']) {
    //works
} else { 
    //header('Location: .....');
    echo "Invalid Password! Try again";
    echo "password0 : ".$password0."<br>";
    echo "password  hashed : ".$password."<br>";
    echo "password from db : ".$row['password']."<br>";
}
  • 既然你使用了漩涡,请确保你的田地足够长
  • 请确保将哈希保存到数据库中,而不是普通密码(危险)

否则,您将不得不再次对数据库值hash('whirlpool', $row['password']);进行散列,这将破坏散列的全部目的。

希望这能帮助

试试这个。。。。

  <?php
session_start();
include ('connect.php');
    $login_id = mysql_real_escape_string($_POST['login_id']);
    $password = mysql_real_escape_string(SHA1($_POST['password']));
//your hash function here...
    include('connect.php');
    $chk = mysql_query("SELECT * FROM admin where name = '$login_id' AND password = '$password';");
    $count =  mysql_num_rows($chk);
    if($count=='1')
    {
        $_SESSION['name'] = $login_id;
    //to loggoed on page
        header("location:admin.php?id=1");
        }
        else {
        echo "<script>
    alert('Invalid Login...');
    window.location.href='index.php';
    </script>";
        }
?>
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习