A small error when logging in

Time: 2013-09-15 07:57:25

Tags: php

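I downloaded a script for a basic system from the internet, where users can log in with the username admin and the password admin, but the script has a small error on the login page. It seems there is an undeclared variable. I can see that the variable is not declared from the form, but I can't declare it in a way that makes it work. I need a way to declare the $position variable from the form input so that it works for login.php. This is the error:

Notice: Undefined index: position in C:\Program Files\EasyPHP-5.3.3\www\preenrolmentsystem\login.php on line 20

The source has 2 pages for login.php; the form one is formform.php

Here is login.php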

<?php
    //Start session
    session_start();
    if (isset($_POST['position'])) {
        //do something with position
    } else {
        //position was not set, maybe give it a default value and use that
    }
    //Connect to mysql server
    include('connect.php');

    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    //Sanitize the POST values
    $login = clean($_POST['id']);
    $password = clean($_POST['password']);
    $position = clean($_POST['position']);
    $result = mysql_query("SELECT * FROM user WHERE idnumber='$login' AND password='$password'");
    while($row = mysql_fetch_array($result))
        {
        $position = $row['position'];
        }
    if ($position=='admin')
    {
        //Create query
        $qry="SELECT * FROM admin WHERE idnum='$login' AND password='$password'";
        $result=mysql_query($qry);
        //while($row = mysql_fetch_array($result))
    //  {
    //  $level=$row['position'];
    //  }
        //Check whether the query was successful or not
        if($result) {
            if(mysql_num_rows($result) > 0) {
                //Login Successful
                session_regenerate_id();
                $member = mysql_fetch_assoc($result);
                $_SESSION['SESS_MEMBER_ID'] = $member['id'];
                session_write_close();
                //if ($level="admin"){
                header("location: admin/index.php");
                exit();
            }else {
                //Login failed
                header("location: loginform.php");
                exit();
            }
        }else {
            die("Query failed");
        }
    }
    if ($position=='student')
    {
        //Create query
        $qry="SELECT * FROM prereg WHERE idnumber='$login' AND password='$password'";
        $result=mysql_query($qry);
        //while($row = mysql_fetch_array($result))
    //  {
    //  $level=$row['position'];
    //  }
        //Check whether the query was successful or not
        if($result) {
            if(mysql_num_rows($result) > 0) {
                //Login Successful
                session_regenerate_id();
                $member = mysql_fetch_assoc($result);
                $_SESSION['SESS_MEMBER_ID'] = $member['id'];
                $_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
                session_write_close();
                //if ($level="admin"){
                header("location: student/profile.php");
                exit();
            }else {
                //Login failed
                header("location: loginform.php");
                exit();
            }
        }else {
            die("Query failed");
        }
    }
    if ($position=='Casher')
    {
        //Create query
        $qry="SELECT * FROM casher WHERE idnumber='$login' AND password='$password'";
        $result=mysql_query($qry);
        //while($row = mysql_fetch_array($result))
    //  {
    //  $level=$row['position'];
    //  }
        //Check whether the query was successful or not
        if($result) {
            if(mysql_num_rows($result) > 0) {
                //Login Successful
                session_regenerate_id();
                $member = mysql_fetch_assoc($result);
                $_SESSION['SESS_MEMBER_ID'] = $member['id'];
                $_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
                session_write_close();
                //if ($level="admin"){
                header("location: casher/index.php");
                exit();
            }else {
                //Login failed
                header("location: loginform.php");
                exit();
            }
        }else {
            die("Query failed");
        }
    }
    if ($position=='teacher')
    {
        //Create query
        $qry="SELECT * FROM teacher WHERE idnumber='$login' AND password='$password'";
        $result=mysql_query($qry);
        //while($row = mysql_fetch_array($result))
    //  {
    //  $level=$row['position'];
    //  }
        //Check whether the query was successful or not
        if($result) {
            if(mysql_num_rows($result) > 0) {
                //Login Successful
                session_regenerate_id();
                $member = mysql_fetch_assoc($result);
                $_SESSION['SESS_MEMBER_ID'] = $member['id'];
                $_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
                session_write_close();
                //if ($level="admin"){
                header("location: teacher/index.php");
                exit();
            }else {
                //Login failed
                header("location: loginform.php");
                exit();
            }
        }else {
            die("Query failed");
        }
    }

?>

And loginform.php

<?php
    //Start session
    session_start();

    //Unset the variables stored in session
    unset($_SESSION['SESS_MEMBER_ID']);
    unset($_SESSION['SESS_FIRST_NAME']);
    unset($_SESSION['SESS_LAST_NAME']);
?>
<html>
<head>
<title>

</title>
<link rel="stylesheet" href="css/main.css" />
<style type="text/css">
<!--
.ed{
border-style:solid;
border-width:thin;
border-color:#00CCFF;
padding:5px;
margin-bottom: 4px;
}
#button1{
text-align:center;
font-family:Arial, Helvetica, sans-serif;
border-style:solid;
border-width:thin;
border-color:#00CCFF;
padding:5px;
background-color:#00CCFF;
height: 34px;
}
-->
</style>
</head>
<body>
    <div id="mainwrapper">
        <div id="header">
            <img src="images/amuni.jpg">
        </div>
        <div id="menu">
            <ul>
                <li>
                    <a href="index.php">Home</a>
                </li>
                <li>
                    <a href="loginform.php">Login</a>
                </li>
                <li>
                    <a href="pre_reg.php">Student Pre Registration</a>
                </li>
                <li>
                    <a href="aboutus.php">About Us</a>
                </li>
                <li>
                    <a href="help.php">Help</a>
                </li>
                <div class="clearfix"></div>
            </ul>
        </div>
        <div id="main" style="padding:20px; text-align:justify; font-family:arial;">

        <form action="login.php" method="post">
        I.D. Number<br>
        <input type="text" name="id" class="ed"><br>
        Password<br>
        <input type="password" name="password" class="ed"><br>
        <input type="submit" value="Login" id="button1">
        </form>
</div>
        <div id="footer">
        </div>
        <div class="clearfix"></div>
    </div>
</body>
</html>

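Please give a sample declaration of the $position variable and how I can use it on both files.

1 answer:

Answer 0: (score: 0)

Add a hidden field named position to your form so that you can access it in PHP.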

<input type="hidden" name="position" value="somevalue">
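A hidden field's value is chosen by the client, and login.php already reads `position` from the matching row of the `user` table, so the notice can also be removed by not reading `$_POST['position']` at all. The sketch below is an added example, not code from the original post or answer: it resolves the role from the database with a prepared statement and maps it to the redirects used in login.php. Assumptions: PHP 7.1+ with PDO and pdo_sqlite, a `password` column that stores `password_hash()` output, and the hypothetical names `resolve_login` and `LANDING`.

```php
<?php
// Added example (not the original script): the role is read from the database
// row that matched the credentials, never from $_POST['position'].

// Allow-list of roles and landing pages, taken from the redirects in login.php.
const LANDING = [
    'admin'   => 'admin/index.php',
    'student' => 'student/profile.php',
    'Casher'  => 'casher/index.php',
    'teacher' => 'teacher/index.php',
];

// Returns the landing page for a valid login, or null on any failure.
function resolve_login(PDO $db, array $post): ?string
{
    // isset-style guard: missing or non-string fields never raise a notice.
    $id = is_string($post['id'] ?? null) ? trim($post['id']) : '';
    $pw = is_string($post['password'] ?? null) ? $post['password'] : '';
    if ($id === '' || $pw === '') {
        return null;
    }
    // Prepared statement: user input is bound, not concatenated into SQL.
    $stmt = $db->prepare('SELECT password, position FROM user WHERE idnumber = ?');
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Assumption: the password column holds a password_hash() value.
    if ($row === false || !password_verify($pw, $row['password'])) {
        return null;
    }
    return LANDING[$row['position']] ?? null;
}

// Constructed sample data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (idnumber TEXT PRIMARY KEY, password TEXT, position TEXT)');
$db->prepare('INSERT INTO user VALUES (?, ?, ?)')
   ->execute(['1001', password_hash('s3cret-sample', PASSWORD_DEFAULT), 'student']);

// A submitted position field is ignored: the stored role decides the landing page.
var_dump(resolve_login($db, ['id' => '1001', 'password' => 's3cret-sample', 'position' => 'admin']));
// A wrong password and a request with no fields at all are both handled without notices.
var_dump(resolve_login($db, ['id' => '1001', 'password' => 'wrong', 'position' => 'admin']));
var_dump(resolve_login($db, []));
```

In login.php the returned path would feed the existing `header("location: ...")` call after `session_regenerate_id()`, with a null result redirecting to loginform.php.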