我正在尝试登录此用户,该用户名和密码保存在数据库中,但存在问题!当我尝试登录时,即使用户已注册,它也总是说用户名无效。我认为发生这种情况是因为当我注册用户时,我使用了密码哈希md5。我在注册表中使用了 md5,但我如何更改此代码以识别登录表单中的用户密码?提前感谢!这是我的代码:
<html >
<head>
<title></title>
</head>
<body>
<?php
print ("<form action='logincontroltest.php' method='post'>
<p>Username
<input type='text' name='username' />
</p>
<p>Password
<input type='password' name='password' >
<p/>
<input type='submit' value='Log In'/>
</form>");
if( !($database=mysql_connect("localhost","root",""))||!(mysql_select_db("st_login",$database)) )
print("Could not connect");
if(isset($_POST['username'])&&isset($_POST['password']) )
{
$username=$_POST['username'];
$password=md5($_POST['password']);
if ( !empty($username) &&!empty($password) )
{
$query = " SELECT * FROM `login` WHERE `username`='$username' AND `password`='$password'";
if($result=mysql_query($query,$database))
{
$user=mysql_fetch_assoc($result);
if($user==false){
echo "invalid username";
}
elseif($user['admin']==1){
echo"admin is logged in";
header("Location: admin.php");
}
elseif($user['approval']==1) {
$_POST['user']=$user['username'];
echo "user is logged in";
header("Location: faqja2.php");
}
else{
echo "Your account is'nt approved by admin yet";
}}
die (mysql_error());
}
else echo "Fill in all blank fields";
}
?>
</body>
</html><?php
if( !($database=mysql_connect("localhost","root",""))||!(mysql_select_db("st_login",$database)) )
print("Could not connect");
if(isset($_POST['firstname'] )&&isset($_POST['lastname'])&&isset($_POST['username'])&&isset($_POST['password'])
&&isset($_POST['cv'])/*&&isset($_POST['notat'])&&isset($_POST['lendet'])*/&&isset($_POST['email'])){
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$username=$_POST['username'];
$password=md5($_POST['password']);
$email=$_POST['email'];
$cv=$_POST['cv'];
/*
$notat=$_POST['notat'];
$lendet=$_POST['lendet'];
*/
$query = "INSERT INTO login (firstname, lastname, username,password,cv,email) VALUES ('$firstname', '$lastname',
'$username','$password','$cv','$email')";
}
if ( !empty($firstname)&&!empty($lastname)&&!empty($username) &&!empty($password)&&!empty($cv)&&!empty($email))
{
if(!($result=mysql_query($query,$database)))
{
print("Could not execute query");
die (mysql_error());//ose error
}
$to='backa.elda123@gmail.com';
$subject='Asking for permission';
$body='There is another registered student waiting for your approval!';
$headers='From:<arbi.backa@gmail.com>';
if(mail($to,$subject,$body,$headers)){
echo "mail sent to..";}
else echo'errorr sending the email';
echo "YOU HAVE BEEN REGISTERED SUCCESSFULLY!PLEASE WAIT FOR THE ADMIN APPROVAL!";
}
else echo "Fill in all the blank fields";
mysql_close($database);
?>
</body>
</html>您正在将表单提交给"logincontroltest.php"。而登录过程代码位于同一文件中。 因此,请从表单标记中删除操作值。并仅在设置了$POST数组时才处理表单提交代码。然后它起作用了。
<html >
<head>
<title></title>
</head>
<body>
<?php
print ("<form action='' method='post'>
<p>Username
<input type='text' name='username' />
</p>
<p>Password
<input type='password' name='password' >
<p/>
<input type='submit' value='Log In'/>
</form>");
if(isset($_POST)) {
if( !($database=mysql_connect("localhost","root",""))||!(mysql_select_db("st_login",$database)) )
print("Could not connect");
if(isset($_POST['username'])&&isset($_POST['password']) )
{
$username=$_POST['username'];
$password=md5($_POST['password']);
if ( !empty($username) &&!empty($password) )
{
$query = " SELECT * FROM `login` WHERE `username`='$username' AND `password`='$password'";
if($result=mysql_query($query,$database))
{
$user=mysql_fetch_assoc($result);
if($user==false){
echo "invalid username";
}
elseif($user['admin']==1){
echo"admin is logged in";
header("Location: admin.php");
}
elseif($user['approval']==1) {
$_POST['user']=$user['username'];
echo "user is logged in";
header("Location: faqja2.php");
}
else{
echo "Your account is'nt approved by admin yet";
}}
die (mysql_error());
}
else echo "Fill in all blank fields";
}
}
?>
</body>
</html>