我是PHP/MySQL的新手,如果我的问题很愚蠢,我很抱歉。我正在尝试使用 php 和 mysql 制作一个注册/登录/注销系统。我的技能不好,我不是程序员,所以我试图改变我在网上找到的脚本。 它包含文件,索引.php,激活php。登录.php、注销.php、注册.php。
当我尝试给出的示例时,它效果很好,但我对代码进行了大量更改,因为我希望用户在注册中添加更多值,例如名字、姓氏等,而不仅仅是用户名、密码和电子邮件。所以我更改了代码并在 mysql 数据库上添加了更多列。现在它不起作用,它说当我尝试激活时找不到用户,我也无法登录。
index.php:是一个非常简单的文件,有一个HTML表单,询问未知用户是否要登录或注册,并启动会话
注销.php:只需取消设置会话
登录.php:
<?php session_start(); ?>
<html>
<body>
<?php
if(isset($_POST["user"])){
$con = mysql_connect("localhost","root","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("myapp", $con);
$sql = "SELECT * FROM `users` WHERE `user` LIKE '". mysql_real_escape_string($_POST["user"])
."' AND ".
"`pass` LIKE MD5('". mysql_real_escape_string($_POST["pass"])
."') AND ".
"`active` = 'DONE'";
$result = mysql_query($sql);
$found = 0;
while ($row = mysql_fetch_array($result)) {
if ($row[1]==$_POST["user"]) {
$found = 1;
}
}
if ($found) {
$_SESSION["USER"] = $_POST["user"];
?>Thank you for logging in<?
}
else {
?>User/Pass is wrong!<?
}
mysql_close($con);
}
else {
?>
Please log-in:<br/>
<form action="login.php" method="POST">
User: <input type="text" name="user"><br />
Pass: <input type="password" name="pass"><br />
<input type="submit" />
</form>
<?php
}
?>
注册.php:
<?php session_start(); ?>
<html>
<body>
<?php
if(isset($_POST["user"])){
$con = mysql_connect("localhost","root","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("myapp", $con);
$random = rand();
$sql = "INSERT INTO `myapp`.`users` (`id`, `user`, `pass`, `active`, `firstname`, `lastname`, `mail`) ".
" VALUES (NULL, '". mysql_real_escape_string($_POST["user"])
."', MD5('".mysql_real_escape_string($_POST["pass"])
."'), '".mysql_real_escape_string($random)
."'), '".mysql_real_escape_string($_POST["firstname"])
."'), '".mysql_real_escape_string($_POST["lastname"])
."')'".mysql_real_escape_string($_POST["mail"])
."');";
mysql_query($sql);
mysql_close($con);
$message = "Please put this url http://localhost/mypage/activate.php?active=" . $random . " in your browser to activate your account.";
@mail($_POST["mail"], 'Thank you for registering', $message);
?>Thank you <?php echo $_POST["user"]; ?> we send you a confirmation e-mail in <?php echo $_POST["mail"]; ?><?php
echo $message;
}
else {
?>
Please register:<br/>
<form action="register.php" method="POST">
User: <input type="text" name="user"><br />
Pass: <input type="password" name="pass"><br />
firstname:<input type="text" name="firstname"><br />
lastname:<input type="text" name="lastname"><br />
mail: <input type="text" name="mail"><br />
<input type="submit" />
</form>
<?php
}
?>
激活.php:
<?php session_start(); ?>
<html>
<body>
<?php
if(isset($_GET["active"])){
$con = mysql_connect("localhost","root","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("myapp", $con);
$sql = "SELECT * FROM `users` WHERE `active` LIKE '".
mysql_real_escape_string($_GET["active"])."'";
$result = mysql_query($sql);
$found = 0;
while ($row = mysql_fetch_array($result)) {
$found = 1;
}
if ($found) {
$sql = "UPDATE `users` SET `active` ='DONE'";
$result = mysql_query($sql);
?>Thank you for activating<?
}
else {
?>Can't find user!<?
}
mysql_close($con);
}
else {
?>Invalid activation<?php
}
?>
</body>
</html>
欢迎任何帮助,谢谢你,对不起长帖子!! ^_^
在 register.php 中,SQL 语法有错误,右括号太多.
像这样替换此部分:
$sql = "INSERT INTO `myapp`.`users` (`id`, `user`, `pass`, `active`, `firstname`, `lastname`, `mail`) VALUES
(NULL,".
"'". mysql_real_escape_string($_POST["user"])."',".
"MD5('".mysql_real_escape_string($_POST["pass"])."'),".
"'".mysql_real_escape_string($random)."',".
"'".mysql_real_escape_string($_POST["firstname"])."',".
"'".mysql_real_escape_string($_POST["lastname"])."',".
"'".mysql_real_escape_string($_POST["mail"])."');";