dongyan4424 2017-09-02 14:56
浏览 71
已采纳

为什么这个登录表单代码不起作用? [关闭]

I'm working on this since Thursday night but I can not figure it out what I'm doing wrong . I'm trying just create a simple login form . I have user and admin .when I'm trying to login as a user it says the user's username and password is invalid even my password and username are correct .any help appreciate it in advance .

<?php

include 'Fonctions/fonctions.php';
teteHtml("Login");
enTete($messageErreur);

//store the values found in SESSION
$username = "";
$password = "";
$loginError = "";
if (isset($_POST["login"])) {
    createCookie();
    echo $loginError;
} else {
    if (isset($_POST["deconnexion"])) {
        deleteCookie();
    }
}

function createCookie() {
    //if (isset($_POST["uname"], $_POST["psw"])) {
    if (isset($_POST["login"])) {
        //check if the system is lock
        if (isset($_SESSION["login_error"]) && $_SESSION["login_error"] >= 3) {
            die("Plusieurs essaies sont interdits!");
        } else {


            $connection = getDatabaseConnection();


            $salted = "wrntjkhn4wervfmm" . $_POST["password"] . "wo2i45djk";
            $hashed = hash('sha512', $salted);


            $stmt = $connection->prepare("CALL login(?,?)");
            $stmt->bindParam(1, $_POST["username"]);
            $stmt->bindParam(2, $hashed);
            //echo json_encode($stmt->errorInfo());
            // call the stored procedure
            $stmt->execute();


            if ($row = $stmt->fetch()) {
                $_SESSION["username"] = $row["username"];
            } else if ($_POST["username"] == "admin" && $_POST["password"] == "admin") {
                $_SESSION["username"] = "admin";
            } else {
                if (isset($_SESSION["login_error"])) {
                    echo $_SESSION["login_error"] . "jjjj";
                    $_SESSION["login_error"] ++;
                } else {
                    $_SESSION["login_error"] = 1;
                }
                if ($_SESSION["login_error"] >= 3) {
                    echo "you put 3 times wrong password.";
                }
                //echo gettype($_SESSION["login_error"]). ($_SESSION["login_error"] >= 3);
                die("password and username are invalid");
            }
        }
    }
}

function deleteCookie() {
    //$_SESSION["uname"] = "";
    session_destroy();

    //refresh the page
    //header("Location: Mon_compte.php");
}

include 'html/login.html';

?>

    <form  method="POST"  action="login.php">

      <label><b>Username</b></label>
      <input type="text" placeholder="Enter Username" name="username" required>

      <label><b>Password</b></label>
      <input type="password" placeholder="Enter Password" name="password" required>

      <button type="submit" name="login">Login</button>
      <!--<input type="checkbox" checked="checked"> Remember me-->
      <span id="error_connection"></span>

      <span class="psw">Forgot <a href="#">password?</a></span>

  </form>

BEGIN
select username, password from users
    where username = p_username and password = p_password;
END
  • 写回答

1条回答 默认 最新

  • duandaijian1583 2017-09-02 17:24
    关注

    mySql Database/Table

    Database Name - Login

    Table Name - Users

    Table Columns -

    id(primary_key) | username | passcode

    DBConnection.php

    <!-- Fill in the data below with your appropriate data -->

<?php
   define('server', 'localhost:3036');
   define('username', 'root');
   define('password', 'root_password');
   define('database_name', 'login');
   $db = mysqli_connect(server, username, password, database_name);
?>

    Login.php

    <?php
   include("DBConnection.php");
   session_start();

   if($_SERVER["REQUEST_METHOD"] == "POST") {         
      $myusername = mysqli_real_escape_string($db,$_POST['username']);
      $mypassword = mysqli_real_escape_string($db,$_POST['password']); 
      $sql = "SELECT id FROM users WHERE username = '$myusername' and passcode = '$mypassword'";
      $result = mysqli_query($db,$sql);
      $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
      $active = $row['active'];
      $count = mysqli_num_rows($result);

      if($count == 1) {
         session_register("myusername");
         $_SESSION['login_user'] = $myusername;
         header("location: welcome.php");
      }else {
         $error = "Your Login Name or Password is invalid";
      }
   }
?>
<html>
   <head>
      <title>Login Page</title>
   </head>
   <body>
      <div align = "center">
         <div>Login</div>   
         <form action = "" method = "post">
             <label>UserName  :</label><input type = "text" name = "username" class = "box"/><br /><br />
             <label>Password  :</label><input type = "password" name = "password" class = "box" /><br/><br />
             <input type = "submit" value = " Submit "/><br />
         </form>
         <div><?php echo $error; ?></div>
      </div>
   </body>
</html>

    Session.php

    <?php
   include('DBConnection.php');
   session_start();

   $user_check = $_SESSION['login_user'];

   $ses_sql = mysqli_query($db,"select username from users where username = '$user_check' ");

   $row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);

   $login_session = $row['username'];

   if(!isset($_SESSION['login_user'])){
      header("location:Login.php");
   }
?>

    Welcome.php

    <?php
   include('Session.php');
?>
<html>     
   <head>
      <title>Welcome </title>
   </head>
   <body>
      <h1>Welcome <?php echo $login_session; ?></h1> 
      <h2><a href = "Logout.php">Sign Out</a></h2>
   </body>
</html>

    Logout.php

    <?php
   session_start(); 
   if(session_destroy()) {
      header("Location: Login.php");
   }
?>
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 乌班图ip地址配置及远程SSH
  • ¥15 怎么让点阵屏显示静态爱心,用keiluVision5写出让点阵屏显示静态爱心的代码,越快越好
  • ¥15 PSPICE制作一个加法器
  • ¥15 javaweb项目无法正常跳转
  • ¥15 VMBox虚拟机无法访问
  • ¥15 skd显示找不到头文件
  • ¥15 机器视觉中图片中长度与真实长度的关系
  • ¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
  • ¥15 R语言卸载之后无法重装,显示电脑存在下载某些较大二进制文件行为,怎么办
  • ¥15 java 的protected权限 ,问题在注释里