为什么即使在第一次加载页面时出现“错误的用户名/密码”警报?

时间:2012-07-10 09:59:40

标签: php mysql

我有一个登录表单,当我到达页面时,它会自动给我提示警告信息。我还没有提供用户名和密码信息。
这是验证登录表单输入的页面,请查看它的行为是什么样的?

<?
session_start();
include "config.php";

if(isset($_SESSION["login_user"]) AND isset($_SESSION['pass_user'])){
    $login_user = $_SESSION["login_user"];
    $pass_user = $_SESSION["pass_user"];

$sql = mysql_query("SELECT * FROM adm WHERE login = '$login_user'");
$cont = mysql_num_rows($sql);
while($linha = mysql_fetch_array($sql)){
    $pass_db = $linha['pass'];
}

if($cont == 0){
    unset($_SESSION["login_user"]);
    unset($_SESSION["pass_user"]);

    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"Name of user dont match.\");
    </script>";

}

if($pass_db != $pass_user){//check pass

    unset($_SESSION["login_user"]);
    unset($_SESSION["pass_user"]);

    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"Password dont match.\");
    </script>";

}

}else{

    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"User and password dont match.\");
    </script>";

}

?>

3 个答案:

答案 0 :(得分:1)

这是因为以下if语句返回false:

if (isset($_SESSION["login_user"]) AND isset($_SESSION['pass_user']))

当发生这种情况时,将执行以下代码:

} else {
    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"User and password dont match.\");
    </script>";
}

答案 1 :(得分:0)

请从您的代码中删除else语句。现在使用它。

 <?php
session_start();

include "config.php";

if(isset($_SESSION["login_user"]) AND isset($_SESSION['pass_user'])){

$login_user = $_SESSION["login_user"];
$pass_user = $_SESSION["pass_user"];

$sql = mysql_query("SELECT * FROM adm WHERE login = '$login_user'");
$cont = mysql_num_rows($sql);
while($linha = mysql_fetch_array($sql)){
$pass_db = $linha['pass'];
}

if($cont == 0){

unset($_SESSION["login_user"]);
unset($_SESSION["pass_user"]);

echo "
<META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
<script type=\"text/javascript\">
alert(\"Name of user dont match.\");
</script>";

 }

if($pass_db != $pass_user){//check pass

unset($_SESSION["login_user"]);
unset($_SESSION["pass_user"]);

echo "
<META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
<script type=\"text/javascript\">
alert(\"Password dont match.\");
</script>";

}

}

?>

答案 2 :(得分:0)

我猜你刚刚错位了其他人:

<?
session_start();

include "config.php";

if(isset($_SESSION["login_user"]) AND isset($_SESSION['pass_user'])){

    $login_user = $_SESSION["login_user"];
    $pass_user = $_SESSION["pass_user"];

$sql = mysql_query("SELECT * FROM adm WHERE login = '$login_user'");
$cont = mysql_num_rows($sql);
while($linha = mysql_fetch_array($sql)){
    $pass_db = $linha['pass'];
}

if($cont == 0){

    unset($_SESSION["login_user"]);
    unset($_SESSION["pass_user"]);

    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"Name of user dont match.\");
    </script>";

}

if($pass_db != $pass_user){//check pass

    unset($_SESSION["login_user"]);
    unset($_SESSION["pass_user"]);

    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"Password dont match.\");
    </script>";

}else{

    echo "
    <META HTTP-EQUIV=REFRESH CONTENT='0; URL=login.php'>
    <script type=\"text/javascript\">
    alert(\"User and password dont match.\");
    </script>";

}
}
?>

但是,如@David所述,您不应指定只有密码错误。

相关问题
最新问题