好的,所以这个问题有点难以言语,但我会尽力而为。所以我目前有一个带有弹出登录表单的索引.php页面,我已经登录.php所有登录 php 的东西来处理请求。目前,我似乎只能在登录.php页面上打印登录错误,这打开了一个空白的白页,上面只有错误,因为在我的索引.php表单上的表单操作设置为"login.php"处理登录内容。我想要的是在我的索引.php的登录表单上打印错误,但要登录.php处理其余的 php。我希望这是有道理的。
<form action="login.php" method="post">
<label>Email Address</label>
<input type="text" name="email"/>
<br />
<label>Password</label>
<input type="password" name="password"/>
<br />
<!--<?php
if(empty($errors)===false){
echo output_errors($errors);
}
?>-->
<div class="checkbox">
<input id="remember" type="checkbox" />
<label for="remember">Keep me signed in</label>
</div>
<div class="action_btns">
<div class="one_half last"><input type="submit" class="btn btn-blue" value="Login"></div>
<div class="one_half last"><a href="#" id="register_form" class="btn">Sign up</a></div>
</div>
</form>
以上是我在索引页面上的表单代码.php。 注释掉的 php 是我想打印错误的地方。以下是我的登录信息.php
<?php
include 'init.php';
function sanitize($data){
return mysql_real_escape_string($data);
}
function output_errors($errors){
return '<ul><li>'.implode('</li><li>', $errors).'</li></ul>';
}
//check if user exists
function user_exists($email){
$email = sanitize($email);
return (mysql_result(mysql_query("SELECT COUNT(ID) FROM register WHERE email = '$email'"),0) == 1)? true : false;
}
//check if user has activated account
function user_activate($email){
$email = sanitize($email);
return (mysql_result(mysql_query("SELECT COUNT(ID) FROM register WHERE email = '$email' AND active =1"),0) == 1)? true : false;
}
function user_id_from_email($email){
$email = sanitize($email);
return (mysql_result(mysql_query("SELECT id FROM register WHERE email = '$email'"),0,'id'));
}
function login($email,$password){
$user_id = user_id_from_email($email);
$email = sanitize($email);
$password = md5($password);
return (mysql_result(mysql_query("SELECT COUNT(id) FROM register WHERE email = '$email' AND password ='$password'"),0) == 1)? $user_id : false;
}
if(empty($_POST)=== false){
$email = $_POST['email'];
$password = $_POST['password'];
}
if(empty($email)|| empty($password) === true){
$errors[] = "You must enter a username and a password";
}
else if(user_exists($email) === false){
$errors[] = "Email address is not registered";
}
else if(user_activate($email) === false){
$errors[] = "You haven't activated your account yet";
}
else{
$login = login($email, $password);
if($login === false){
$errors[] = "email/password are incorrect";
} else {
$_SESSION['user_id'] = $login;
header('Location: index.php');
exit();
}
}
if(empty($errors)===false){
header('Location: index.php');
echo output_errors($errors);
}
?>
这是我的 init.php下面也是存储数组的。
<?php
session_start();
error_reporting();
require 'connection.php';
$errors = array();
?>
在我开始之前,一个提示是永远不要将不恒定的变量放入预准备语句中,您允许用户直接输入到您的 SQL 语句中。
但更重要的是,如果你想接收错误,我建议你使用一个基本的die($db->error);
,你想通过数据库返回错误。
始终记住在使用连接结束时$db->close();
。