我有一个需要用户名和密码的登录表单。如果登录凭据错误,我希望表单顶部显示"无效密码"或"无效用户名"。有人能提供一些见解吗?
如果一个字段当前为空,则消息显示"无效密码"。我希望它能有信息,即使领域里有什么东西是错误的。
这是登录表格:
<form action="index.php?action=login" method="post">
<fieldset>
<div style="color:red;"><?php echo isset($_REQUEST['err']) && $_REQUEST['err'] == 1 ? "Invalid Password" : "";?></div>
<legend>Login</legend>
<label for="loginName" class="required">Username:</label>
<input id="loginName" name="loginName" type="text"
value="" required />
<label for="password" class="required">Password:</label>
<input id="password" name="password" type="password"
value="" required />
<input id="submit" class="submit" type="submit" value="login"/>
</fieldset>
</form>
这是登录功能(用于会员/管理员网站,因此登录到两个帐户):
function connect($loginName) {
global $db;
$query = "SELECT email, level, password FROM members WHERE email = '$loginName'";
$result = $db->query($query);
$results = $result->fetch(PDO::FETCH_ASSOC);
return $results;
}
//Login
function login($loginName, $password) {
$results = connect($loginName);
if(!$results) {
header('Location: /tire/admin/home.php?err=1');
}
if ($loginName === $results['email'] && password_verify($password,$results['password'])) {
$_SESSION['loginName'] = $loginName;
if ($results['level'] === 'a') { // 1 == Administrator
$_SESSION['level'] = 'Administrator';
header('Location: /tire/admin/home.php');
} elseif ($results['level'] === 'm') { // 1 == Member
$_SESSION['level'] = 'Member';
header('Location: /tire/member/home.php');
exit;
}
}
header('Location: /tire/admin/home.php');
}
//Logout
function logout() {
$_SESSION = array();
session_destroy();
}
@巴克里亚瓦德:这就是我尝试你的建议的地方,但仍然不起作用。它告诉我$loginName和$password是未定义的索引。
function error_message(){ unset($error);
$loginName = $_SESSION['loginName'];
{$results = connect($loginName);
$loginName === $results['email'];
$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
$passwords = password_verify($password,$results['password']);
if(!$results) {$error = "Username not found";} //if no records returned, set error to no username
else //if found {
if ((isset($password)) !== (isset($passwords))) //check password, if matched log him in
{ $error = "Password is wrong"; } //if not matched then set error message
}
}
if(isset($error))echo $error; //if there is an error print it, this can be anywhere in the page
}
PHP端:(peusedo代码)
{
unset($error); // or $error="";, just reset it
$loging = select from database where username = 'username'; //get data from database
if(!$loging) {$error = "Username not found";} //if no records returned, set error to no username
else //if found
{
if ($password == $loging['pass']) {login();} //check password, if matched log him in
else $error = "Password is wrong"; //if not matched then set error message
}
if(isset($error))echo $error; //if there is an error print it, this can be anywhere in the page
}
Java脚本端:
对php函数进行ajax调用,检查登录发送用户名和密码,如果正确,则将页面重定向到欢迎屏幕,如果不更改框的样式和/或显示错误消息你必须对此进行研究,因为我从未使用过ajax
试着自己做,如果你绊倒了,我很乐意为你提供一个样本