HTML Bootstrap PHP连接错误

I want to write log in code for my index.html ' s form and i wrote a giris-yap.php file which is at below. i cant access my php file browser get alert only like localhost is waiting . i tried to put action method in my form's submit button but it was not usefull.

giris-yap.php

    <?php
require "connect.inc.php";
require "core.inc.php";

if(isset($_POST['exampleInputEmail1']) && isset($_POST['exampleInputPassword1']) ){
    $mail=$_POST['exampleInputEmail1'];
    $pass=$_POST['exampleInputPassword1'];
    $password=md5($pass);
    if($query_run=mysql_query("SELECT * FROM `users` WHERE `e-mail`= '".mysql_real_escape_string($mail)."' AND `sifre`='".mysql_real_escape_string($password)." ' ")){
        $query_num_rows = mysql_num_rows($query_run);
        if($query_num_rows==0){
            echo 'Invalid';
        }
        else if($query_num_rows!=0){
            $ad=mysql_result($query_run,0,'Ad');
            $_SESSION['ad']=$ad;
            $usersurname=mysql_result($query_run,0,'SoyAd');
            $_SESSION['usersurname']=$usersurname;
            $username=mysql_result($query_run,0,'e-mail');
            $_SESSION['username']=$username;
            header('Location: index.html');
        }
    }
    else{
        echo mysql_error();
    }
}
else{echo 'error';}
/**
 * Created by PhpStorm.
 * User: bilsay
 * Date: 21.05.2015
 * Time: 10:35
 */

?>

index.html :

<div class="modal fade" id="login-modal-box" role="dialog" aria-labelledby="gridSystemModalLabel" aria-hidden="true">
        <form action="#giris-kontrol" method="POST">


            <div class="modal-dialog user-login-box-dialog">
              <div class="modal-content">
                <div class="modal-header">
                  <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                  <h4 class="modal-title" id="gridSystemModalLabel">Kullanıcı Giriş Paneli</h4>
                </div>

                <div class="modal-body">
                  <div class="container-fluid">
                    <div class="row">

                        <div class="form-group">
                            <label for="exampleInputEmail1">Eposta Adresiniz</label>
                            <input type="email" class="form-control" id="exampleInputEmail1" placeholder="Enter email">
                          </div>
                          <div class="form-group">
                            <label for="exampleInputPassword1">Şifre</label>
                            <input type="password" class="form-control" id="exampleInputPassword1" placeholder="Password">
                          </div>

                          <div class="checkbox">
                            <label>
                              <input type="checkbox"> Beni hatırla
                            </label>
                          </div>

                    </div>
                  </div>
                </div>
                <div class="modal-footer">
                  <button type="submit" class="btn btn-default" value="Giriş">Giriş</button>
                </div>
              </div><!-- /.modal-content -->
            </div><!-- /.modal-dialog -->

            </form>
        </div><!-- /.modal -->

展开全部

写回答
好问题 0 提建议
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

douna5529 2015-05-21 07:12

关注

cant access my php file

You need to update your action as described in the other answer: https://stackoverflow.com/a/30377560/482256.

Then, note that this code here:

require connect.inc.php;
require core.inc.php;

Is the equivalent of doing this:

require 'connectincphp';
require 'coreincphp';

When you don't use quotes, PHP looks for constants, and when it doesn't find those it will assume the string, so connect becomes "connect". The period concatenates, so it combines "connect" with "inc" and you get "connectinc", etc.

The require should be causing a 500 error...and possibly an empty page depending on what your error output settings are.

Your code translated to PDO and BCrypt, because I just can't "fix" code and leave it insecure:

if(isset($_POST['exampleInputEmail1']) && isset($_POST['exampleInputPassword1']) ){
    $pdo        = new \PDO('mysql:dbname=dbName;host=localhost','username','password');
    $mail       = $_POST['exampleInputEmail1'];
    $pass       = $_POST['exampleInputPassword1'];

    $userSql    = $pdo->prepare("SELECT * FROM `users` WHERE `e-mail`=:email");
    $userSql->execute(array('email'=>$mail));
    $userData   = $userSql->fetch(\PDO::FETCH_ASSOC);

    if( $userData !== false && BCrypt::isValidPassword($pass, $userData['sifre']) ) {
        $_SESSION['ad']             = $userData;
        $_SESSION['usersurname']    = $userData['SoyAd'];
        $_SESSION['username']       = $userData['username'];
        header('Location: index.html');
    }
    else {
        die("You have entered an invalid username or password");
    }
}
else{
    die("Username and Password must be submitted");
}

And your modified HTML. I fixed the action, turned your button into a real submit button, and added the name= attributes to your inputs:

<div class="modal fade" id="login-modal-box" role="dialog" aria-labelledby="gridSystemModalLabel" aria-hidden="true">
    <form action="giris-yap.php" method="POST">

        <div class="modal-dialog user-login-box-dialog">
            <div class="modal-content">
                <div class="modal-header">
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                    <h4 class="modal-title" id="gridSystemModalLabel">Kullanıcı Giriş Paneli</h4>
                </div>

                <div class="modal-body">
                    <div class="container-fluid">
                        <div class="row">

                            <div class="form-group">
                                <label for="exampleInputEmail1">Eposta Adresiniz</label>
                                <input type="email" class="form-control" id="exampleInputEmail1" name="exampleInputEmail1" placeholder="Enter email">
                            </div>
                            <div class="form-group">
                                <label for="exampleInputPassword1">Şifre</label>
                                <input type="password" class="form-control" id="exampleInputPassword1" name="exampleInputPassword1" placeholder="Password">
                            </div>

                            <div class="checkbox">
                                <label>
                                    <input type="checkbox"> Beni hatırla
                                </label>
                            </div>

                        </div>
                    </div>
                </div>
                <div class="modal-footer">
                    <button type="submit" value="1" class="btn btn-primary" id="submit"> Giriş Yap</button>
                </div>
            </div>
            <!-- /.modal-content -->
        </div>
        <!-- /.modal-dialog -->

    </form>
</div><!-- /.modal -->

And the BCrypt class you will need. However, use password_hash and password_verify if you have PHP >= 5.5.

class BCrypt {
    public static function hash( $password, $cost=12 ) {
        $base64 = base64_encode(openssl_random_pseudo_bytes(17));
        $salt   = str_replace('+','.',substr($base64,0,22));
        $cost   = str_pad($cost,2,'0',STR_PAD_LEFT);
        $algo   = version_compare(phpversion(),'5.3.7') >= 0 ? '2y' : '2a';
        $prefix = "\${$algo}\${$cost}\${$salt}";

        return crypt($password, $prefix);

    }
    public static function isValidPassword( $password, $storedHash ) {
        $newHash    = crypt( $password, $storedHash );
        return self::areHashesEqual($newHash,$storedHash);
    }
    private static function areHashesEqual( $hash1, $hash2 ) {
        $length1    = strlen($hash1);
        $length2    = strlen($hash2);
        $diff       = $length1 ^ $length2;
        for($i = 0; $i < $length1 && $i < $length2; $i++) {
            $diff |= ord($hash1[$i]) ^ ord($hash2[$i]);
        }
        return $diff === 0;
    }

}