最受欢迎

尝试创建一个登录和注册php系统

trying to create a login and signup php system

本文关键字:登录 注册 php 系统 一个 创建 | 更新日期: 2023-10-20

我正在尝试用PHP创建一个登录和注册系统注册系统可以工作,但在数据库中检查现有值将无法创建登录。

这是我的数据库

+----------+-------------+------+-----+---------+----------------+
| Field    | Type        | Null | Key | Default | Extra          |
+----------+-------------+------+-----+---------+----------------+
|Member_ID | int(11)     | NO   | PRI | None    | auto_increment |
|FirstName |char(20)     | NO   |     | None    |                |
|LastName  |char(20)     | NO   |     | None    |                |
|Email     |varchar(50)  | NO   |     | None    |                |
|User_Password |char(20) | NO   |     | None    |                |
+----------+-------------+------+-----+---------+----------------+

下面的代码是我的注册,它工作

<?php
require_once 'Database_conx.php';

$get_first_name = $_POST["Firstnamebox"];
$get_last_name  = $_POST["Lastnamebox" ];
$get_password   = md5($_POST["passwordbox" ]);
$get_email      = $_POST["emailaddbox" ];
$firstname = trim($get_first_name);
$lastname  = trim($get_last_name);
$passcode  = trim($get_password);
$email     = trim($get_email);
$processvalue = "Insert INTO Registration ( FirstName, LastName, User_Password,Email )
              VALUES ('$firstname' ,'$lastname', '$passcode' ,'$email'   )";

if (mysqli_query($conn, $processvalue)) {
echo 'Sucess in submiting data in db ';
} else {
   echo "error in testing :" .mysqli_error($conn);
}  
mysqli_close($conn)
 ?>

以下代码用于检查db 中是否存在值

 <?php
    require_once 'Database_conx.php';
     if(isset($_POST['loginbtn'])){
       $db =  mysqli_select_db($conn, 'Star5_db');

    $email = $_POST["loginemailbox"];
    $password = $_POST["loginpasswordbox"];
    $e = trim($email);
    $p = trim($password);
    $pc = mysqli_query($db, "SELECT * FROM Registration WHERE Email = $e AND User_Password = $p");

  if (empty($e)){ 
      echo " oops you're missing your email";
  }
     if(empty($p)){
        echo "<br>Please type in your password </br>";
     } 
  if($pc)
  {
      echo " <br> $e. is found in the database :)</br>";
  } 
  elseif (empty ($e)) {
    echo '   ';
} 
elseif (!filter_var($e,FILTER_VALIDATE_EMAIL) === TRUE) {
    echo ("<br>$e is not a valid email<br>");
}
else
  {
      echo " <br> $e. not found in db </br>" .  mysqli_error();
  }  
  mysqli_close($pc); 
}
      }
  ?>

有人能告诉我我做错了什么吗

您在数据库中存储了一个(糟糕的)哈希密码,但当用户尝试登录时,您正在搜索一个未哈希的纯文本匹配。

您需要对用户提交的密码进行散列,并将结果与数据库中的任何内容进行比较。

试试这个:

if ($pc==1) {
  echo " <br> $e. is found in the database :)</br>";
}
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习