对于未注册的电子邮件,我希望用户收到"登录失败:电子邮件未注册"的提示,而对于错误的密码,"登录失败,请输入正确的电子邮件/密码组合。"。
然而,对于这两个错误,我倾向于看到"登录失败:请输入正确的电子邮件/密码组合"。
这是我的代码:
<?php
if(isset($_POST['Login'])){
$Email = $_POST['Email'];
$PW = $_POST['Password'];
$result = $con->query("select * from user where Email='$Email'");
$row = $result->fetch_array(MYSQLI_BOTH);
if(password_verify($PW, $row['Password'])){
session_start();
$_SESSION["UserID"] = $row['UserID'];
$_SESSION["FName"] = $row['Fname'];
$_SESSION["LName"] = $row['Lname'];
$_SESSION["City"] = $row['City'];
$_SESSION["Country"] = $row['Country'];
$_SESSION["Timer"] = $row['Timestamp'];
header('Location: Account.php');
}
elseif($result === false)
{
$msg = "Login Failed : Email Not Registered.";
}
else
{
$msg = "Login Failed : Please Enter The Right Email/Password Combination.";
}
}
?>
<div class="form-group">
<?php
if(isset($msg) & !empty($msg)){
echo "<span style='color: red;'>$msg</span>";
}
?>
试试这个:
$result = $con->query("select * from user where Email='$Email'");
if($result->num_rows>0){
$row = $result->fetch_array(MYSQLI_BOTH);
if(password_verify($PW,$row["password"])){
//blah blah blah
}
else
{
$msg = "Login Failed : Please Enter The Right Email/Password Combination.";
}
}
else
{
$msg="Login Failed : Email Not Registered.";
}
试试这个:
<?php
session_start();
if (isset($_POST['Login'])) {
$Email = $_POST['Email'];
$PW = $_POST['Password'];
$result = $con->query("select * from user where Email='$Email'");
$row = $result->fetch_array(MYSQLI_BOTH);
if (!empty($row)) { // User found
if (password_verify($PW, $row['Password'])) { // Password correct
$_SESSION["UserID"] = $row['UserID'];
$_SESSION["FName"] = $row['Fname'];
$_SESSION["LName"] = $row['Lname'];
$_SESSION["City"] = $row['City'];
$_SESSION["Country"] = $row['Country'];
$_SESSION["Timer"] = $row['Timestamp'];
} else { // Password not correct
$msg = "Login Failed : Please Enter The Right Email/Password Combination.";
}
} else { // User not found
$msg = "Login Failed : Email Not Registered.";
}
}
<div class="form-group">
<?php
if(isset($msg) & !empty($msg)){
echo "<span style='color: red;'>$msg</span>";
}
?>
您正在尝试使用$result,它将始终返回False或TRUE。查看本手册。http://php.net/manual/en/mysqli.query.php
这是代码。希望对你有用。
<?php
if(isset($_POST['Login'])){
$Email = $_POST['Email'];
$PW = $_POST['Password'];
$result = $con->query("select * from user where Email='$Email'"); //// this will always returns false or ture on faliure or success which is not your need
$result_rows =$result->num_rows; // this will tell you if there in your database e-mail exits or not
$row = $result->fetch_array(MYSQLI_BOTH);
if(password_verify($PW, $row['Password'])){
session_start();
$_SESSION["UserID"] = $row['UserID'];
$_SESSION["FName"] = $row['Fname'];
$_SESSION["LName"] = $row['Lname'];
$_SESSION["City"] = $row['City'];
$_SESSION["Country"] = $row['Country'];
$_SESSION["Timer"] = $row['Timestamp'];
header('Location: Account.php');
}
elseif($result_rows === 0) //// no e-mail found !
{
$msg = "Login Failed : Email Not Registered.";
}
else //// email found and other operation what you want you can also use ///// elseif($result_rows > 0) ////
{
$msg = "Login Failed : Please Enter The Right Email/Password Combination.";
}
} ?>
在条件中使用empty($row)而不是$result == false。
if(isset($_POST['Login']))
{
$Email = $_POST['Email'];
$PW = $_POST['Password'];
$result = $con->query("select * from user where Email='$Email'");
$row = $result->fetch_array(MYSQLI_BOTH);
if(password_verify($PW, $row['Password']))
{
session_start();
$_SESSION["UserID"] = $row['UserID'];
$_SESSION["FName"] = $row['Fname'];
$_SESSION["LName"] = $row['Lname'];
$_SESSION["City"] = $row['City'];
$_SESSION["Country"] = $row['Country'];
$_SESSION["Timer"] = $row['Timestamp'];
header('Location: Account.php');
}
elseif(empty($row))
{
$msg = "Login Failed : Email Not Registered.";
}
else
{
$msg = "Login Failed : Please Enter The Right Email/Password Combination.";
}
}
elseif(empty($row))
{
$msg = "Login Failed : Email Not Registered.";
}
}