我是php的新手并试图开发一个登录脚本,但是当我输入值时,它无效。我甚至找不到错误,因为当我点击提交时它只刷新页面
这是我的代码
<?php include "../utilities/config.php";
foreach($_GET as $key=>$value)
{
${$key} = trim($value);
}
$error = '';
if($checking_member_availability == 'yes'){
if(empty($user_name)){
$error .= "Please enter user name.<br />";
}
if(empty($password)){
$error .= "Please enter password.<br />";
}
if(empty($error)){
$sql = "select * from `".SITE_TABLE_PREFIX."user` where email='".$user_name."' and pwd='".$password."'";
$resultUser = mysql_query($sql) or die(mysql_error().$sql);
if(mysql_num_rows($resultUser)>0){
$rowUser = mysql_fetch_array($resultUser);
$error .= '';
$_SESSION['email']=$user_name;
}else{
$error .= "Please check Email and Password.";
}
}
if(empty($error)){
echo "myaccount.php";
}
else{
echo "<font color='#A01D49'>$error</font>";
}
}
?>
请有人帮助我,我花了很多时间没有成功
这是html代码
<script type="text/javascript" language="javascript">
function validation()
{
var password = trim(document.form1.password.value);
var user_name = trim(document.form1.user_name.value);
var type = trim(document.form1.type.value);
http.open("GET", "processor.php?checking_member_availability=yes&password="+
escape(password)+"&user_name="+ escape(user_name)+"&type=" + escape(type) , true);
http.onreadystatechange = handleHttpResponse;
http.send(null);
return false;
}
</script>
</head>
<table width="241" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0" <?php if($_SESSION['user_id']!=''){?> style="display:none;"<?php }?>>
<tr>
<td align="left" valign="top" class="loginBg">
<img src="img/logintxt.jpg" alt = '' width='100' height='29' border='0'>
</td>
</tr>
<tr>
<td align="left" valign="top" class="login"><form name="form1" id="form1" action="" method="post" onSubmit="return validation();">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><td colspan="3"><span id="user"></span></td></tr>
<tr>
<td align="left" valign="middle" class="height"><label class="boldtxt">Email:</label></td>
<td align="left" valign="middle" class="heightMid"><input type="text" name="email" id="email" />
</td>
</tr>
<tr>
<td align="left" valign="middle"><label class="boldtxt">Password:</label></td>
<td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="left" valign="top"><input type="password" name="password" id='password' class="loginfld" />
</td>
<td align="left" valign="middle"><input type="image" src="img/submit.jpg" class="submit" onClick="return validation();" />
</td>
</tr>
</table></td>
</tr>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top"><a href="forget_password.php" class="normalTxt">Forgot your password?</a><br />
</td>
</tr>
</table>
</form></td>
</tr>
</table></td>
</tr>
<tr>
<td align="left" valign="top">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="left" valign="top"><a href="provider_registration.php"><img src="images/applybut.jpg" alt="" border="0" class="apply" /></a></td>
</tr>
<tr>
<td align="left" valign="top">
<?=$value?>
</td>
</tr>
<tr>
<td align="left" valign="top"> </td>
</tr>
<tr>
<td align="left" valign="top"> </td>
</tr>
</table>
</td>
</tr>
</table>
答案 0 :(得分:1)
好的,你有一个带有文件名的echo语句:
echo "myaccount.php";
首先,你确定这是你想做的吗?我相信这将回应字符串“myaccount.php”。我相信你会想要包含“myaccount.php”
其次,您在javascript中引用了表单字段“user_name”,但您尝试访问的字段名称被命名为“email”。这也可能是问题的一部分。
答案 1 :(得分:0)
您正在使用表单method="post"
,但正在寻找$_GET
。
使用method="get"
或$_POST
!
正如您从评论中收集的那样,您的代码在安全性方面存在其他几个问题。不要灰心 - 每个人都曾经是初学者。但是,你真的应该阅读SQL Injection并停止将所有$ _GET值分配给字符串 - 将它们全部命名为全部,即:
$user_name = trim($_GET['user_name']);
祝你好运,坚持下去!
[编辑]啊,正如斯蒂芬在评论中正确指出的那样,JS使用get
来提交帖子,所以实际上是“电子邮件”的字段名称就是问题。