Recenty我计划创建一个数据库处理器,在处理登录信息后,包含数据的变量找不到(不显示),我试图在"if"中运行的任何程序都不会出现在屏幕上,该程序在我用javascript创建的弹出窗口后验证了登录信息。
登录信息是从登录屏幕发送的,这是发送数据的代码:登录
<form action="login1.php" method="post">
Username:<br><input type="text" name="uname">
<br>
Password:<br><input type="Password" name="pass">
<br>
<input type="submit" value="Login" name="submit">
</form>
</fieldset>
<form action="MainScreen.html" method='get'>
<button type='Submit'>Inapoi la pagina principala</button>
</form>
这是处理登录信息的屏幕
<?php
require('sql_connect.php');
if (isset($_POST['submit'])){
$username=mysql_escape_string($_POST['uname']);
$password=mysql_escape_string($_POST['pass']);
global $z;
$z=substr($username, 0, -1);
$q=$z;
///mysql_query($z);
if (!$_POST['uname'] or !$_POST['pass']){
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Nu ati completat toate campurile necesare.'nVa rugam incercati din nou.')
window.location.href='login.php'
</SCRIPT>");
}
$sql= mysql_query("SELECT * FROM `xii f` WHERE `IdPar` = '$username' AND `Password` = '$password'");
if(mysql_num_rows($sql) > 0)
{
echo$z;
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Bine ati venit domnule/doamna ".$z."')
window.location.href='login1.php'
</SCRIPT>");
/* Here i tried to run a table, but it doesn't seem to work
$sq= mysql_query("SELECT * FROM `absente s1` WHERE `Nume` ='$z'");
echo'
<table border="2" style= "background-color: white; color: black; margin: 3 auto; font-size:95%;" >
<thead>
<tr>
<th>Absenta</th>
<th>Materie</th>
<th>Motivat</th>
</tr>
</thead>
<tbody>';
while( $row = mysql_fetch_assoc($sq) )
echo "<tr>
<td>{$row['Absenta']}</td>
<td>{$row['Materie']}</td>
<td>{$row['Motivat']}</td>
</tr>";
echo'
</tbody>
</table>';
*/
}
else{
$sql= mysql_query("SELECT * FROM `Profesori` WHERE `IdProf` = '$username' AND `Password` = '$password'");
if(mysql_num_rows($sql) > 0)
{
$k=mysql_query("SELECT * FROM `Profesori` WHERE `sex`='M' AND `IdProf` = '$username' AND `Password` = '$password'");
if(mysql_num_rows($k) > 0){
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Bine ati venit domnule ".$z."')
window.location.href='login1.php'
</SCRIPT>");
}
else{
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Bine ati venit doamna ".$z."')
window.location.href='login1.php'
</SCRIPT>");
}
}
else{
$sql= mysql_query("SELECT * FROM `Diriginte` WHERE `Id` = '$username' AND `Password` = '$password'");
if(mysql_num_rows($sql) > 0)
{
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Bine ati venit domnule ".$z."')
window.location.href='login1.php'
</SCRIPT>");
}
else {
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('Nume de utilizator sau parola gresite. Va rugam reintroduceti.')
window.location.href='login.php'
</SCRIPT>");
}
}
}
}
?>
sql_connect.php文件用于发布到serv和数据库的连接我必须提到的是,代码是在分部的HTML格式文件中编写的,尽管我认为这不会影响php脚本。这是页面格式化的代码:
<style>
header {
background-color:white;
color:white;
height:5%;
width:80%;
float:left;
text-align:center;
}
details {
background-color:#B0B0B0;
color:white;
height:15%;
width:80%;
font-size:180%;
font-family: "Magneto";
float:left;
text-align:center;
}
nav {
line-height:30px;
background-color:white;
height:100%;
width:10%;
float:left;
}
section {
background-color:#F0F0F0 ;
width:20%;
height:60%;
text-align:center;
float:left;
}
aside {
background-color:#F0F0F0;
width:40%;
height:60%;
font-family: "High Tower Text";
text-align:center;
float:left;
}
summary{
background-color:#F0F0F0;
width:20%;
height:60%;
text-align:left;
float:left;
}
article {
background-color:#B0B0B0;
color:white;
text-align:center;
font-family:'Copperplate Gothic Bold';
height:15%;
width:80%;
float:left;
}
background-color:red;
</style>
td;lr变量在运行"if"命令后正在解除准备。
编辑:已解决问题。原来是由于window.location.href='login1.php'命令重新加载了页面
考虑到我对这个问题所做的大部分评论,我创建了您的应用程序的功能副本,并进行了一些急需的更正。
login.php
<form name="loginForm" action="login-validation.php" method="post" onsubmit="return validate()">
Username: <input type="text" name="uname"><br/>
Password: <input type="Password" name="pass"><br/>
<input type="submit" value="Login" name="submit">
</form>
<a href="MainScreen.html">Inapoi la pagina principala</a>
<script>
function validate() {
var uname = document.forms["loginForm"]["uname"].value;
var pass = document.forms["loginForm"]["pass"].value;
if ((uname == null || uname == "") || (pass == null || pass == "")) {
alert("Please fill out all the fields.");
return false;
}
}
</script>
登录验证.php
<?php
if (isset($_POST['submit'])){
$con = new mysqli("localhost","root","","stackoverflow");
if (mysqli_connect_errno()) {
printf("Database Error: %s'n", mysqli_connect_error());
exit("<br/><a href='login.php'>Try again</a>");
}
$username = $con->real_escape_string($_POST['uname']);
$password = $_POST['pass'];
// Fetch user by username & close the connection to the database
$result = $con->query("SELECT * FROM `users` WHERE `username` = '$username'");
$con->close();
// Retrieve data
$row = $result->fetch_row();
// Check if there's a match
if(!empty($row)) {
// Validate password
if(strcmp($password, $row[2]) == 0) {
// Save Result in Session for future uses
$_SESSION['uid'] = $row[0]; // users.id
$_SESSION['username'] = $row[1]; // users.username
$_SESSION['password'] = $row[2]; // users.password
$_SESSION['role'] = $row[3]; // users.role
// Exit sending a message to the now logged user
exit("Bine ati venit domnule/doamna ".$row[1]);
} else {
// Exit if password doesn't match, provide link for trying again
exit("Incorrect password<br/><a href='login.php'>Try again</a>");
}
}
// If there was no match in the query, throw message and exit
exit("Invalid data<br/><a href='login.php'>Try again</a>");
}
// Create a link to the login page and exit if there was no POST data
exit("<a href='login.php'>Login</a>");
表users:的数据库结构
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL,
`username` varchar(512) NOT NULL,
`password` varchar(512) NOT NULL,
`role` tinyint(4) NOT NULL DEFAULT '1'
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
INSERT INTO `users` (`id`, `username`, `password`, `role`) VALUES
(1, 'student', 'student', 0),
(2, 'teacher', 'teacher', 1),
(3, 'other', 'other', 0);
ALTER TABLE `users`
ADD PRIMARY KEY (`id`),
ADD UNIQUE KEY `username` (`username`);
ALTER TABLE `users`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=2;
一些仍然缺少适当的调整:
- 加密存储的密码
- 控制对登录页面的访问(重定向已登录的用户)
- 控制对登录验证页面的访问
- 更好地管理登录用户的情况
- 对登录失败时发生的情况进行更好的管理(更方便用户)
您不能以这种方式获取变量,因为一旦您完成了对浏览器的回显,您的请求就会结束。要在另一个重定向的php页面上使用相同的变量,您需要在会话中存储变量,如:
$_SESSION["username"]=$_POST['uname'];$_SESSION["password"]=$_POST["pass"];
并在需要时使用$_SESSION["username"]