如果用户没有输入正确的登录组合,我会尝试在最后显示错误。但是,当我输入错误的密码或电子邮件时,不会显示错误消息。任何建议
<?php
include ("connect.php");
if (isset($_POST["user_login"]) && (isset($_POST["user_pass"]))){
// formatting field via reg replace to ensure email and password only conisists of letters and numbers preg_replace('#[^A-Za-z0-9]#i','',
$login_user = $_POST["user_login"];
$login_password = $_POST["user_pass"];
// password is encryted in DB (MD5) therefore user inputted password will not match encryted password in DB - we have to assign new var
$decrypted_password = md5($login_password);
// Query which finds user (if valid) from DB - Achieving authentication via username and password
$user_query = mysqli_query($connect, "SELECT * FROM users WHERE email = '$login_user' AND password = '$decrypted_password' AND closed = 'no' LIMIT 1");
$check_user = mysqli_num_rows($user_query); // checking to see if there is infact a user which those credentials in the DB
if ($check_user==1){
while ($row = mysqli_fetch_array($user_query)){
$id = $row['user_id'];
$user_type = $row['account'];
}
$_SESSION["user_login"] = $login_user;
// check the user type and redirect according to it
if($user_type == "Student"){
$student_page = "profile_student.php";
header( "Location:{$student_page}" );
} elseif ($user_type == "Landlord"){
$landlord_page = "landlord_profile.php";
header( "Location:{$landlord_page}" );
} elseif ($user_type == "Administrator"){
$admin_page = "admin_profile.php";
header( "Location:{$admin_page}" );
}else {
$refresh_page = "sign_up.php";
header( "Location:{$refresh_page}" ); // refresh page
echo "You have entered an incorrect email or password. Please try again.";
}
}
}
?>
如果输入数据错误,则重定向用户,并且只有在这之后才尝试回显消息,这不是工作方式。阅读php_manual中的标题。这里最好的方法可能是将错误消息存储在会话中,并在重定向后检查会话错误消息是否存在
else {
$refresh_page = "sign_up.php";
$_SESSION['error'] = "your error message"
header( "Location:{$refresh_page}" ); // refresh page
}
在sign_up.php文件中,检查会话中是否存在错误消息
if(isset($_SESSION["error"])){
echo $_SESSION["error"];
unset($_SESSION["error"]);
}
也许你应该稍微更正一下这个代码))使用unset cause'在显示消息后,它应该从会话中删除,在其他情况下,如果失败5次,它将显示5条消息))也要确保会话已启动session_start()
希望它有帮助:)
只有当$user_type
与任何预期类型都不匹配时,才会显示错误。
在您的if ($check_user==1){
块之后,您需要第二个else
来处理不存在具有该电子邮件或密码的用户的情况。