以下是用户可以登录的位置,但如果用户忘记了用户名和电子邮件的密码,我想向用户提供选项。
login.php
<?php
if (!loggedin()) {
if($_POST['submitID'] == 1){
/* Connect to database */
if($connectDatabase == TRUE){$action=TRUE;include('connect.php');}
/* sanitise and check the info */
$userName = mysql_real_escape_string($_POST['userName'],$db);
$password = mysql_real_escape_string($_POST['password'],$db);
if($userName == NULL) { $message = 'Please enter username.';}
if($message == NULL && $password == NULL){ $message = 'Please enter password.';}
if($message == NULL)
{
$HashPass = md5($password);
$userQuery = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM " . $datauser .
" WHERE `" . $userNameField . "`='$userName' AND `" . $userPasswordField . "`='$HashPass'"));
/* If usercount is more than 0 -> ok */
if($userQuery[0] > 0){
if($connectDatabase == TRUE){$action=FALSE;include('connect.php');}
$_SESSION['isLoged'] = 'yes';
$_SESSION['userName'] = $userName;
header("Location: $loginPage");
exit();
} else {
$message = 'Invalid username and/or password!';
}
}
if($connectDatabase == TRUE){$action=FALSE;include('connect.php');}
}
?>
<?php
?><h1><? echo $_SESSION['userName'];?></h1><?
/* Display error messages */
if($message != NULL){?>
<?php } ?>
我如何能够从数据库中检查用户名并允许用户创建新密码并更新数据库