用户名不会显示

时间:2013-10-31 22:01:06

标签: php mysql

我尝试显示用户登录到我要添加其他成员的memberadd.php,但是,它不显示,而是显示为空白。我发布了成员添加代码和登录代码,它有关于memberadd php没有从其他文件接收变量的事情吗?

这是元代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/chtml-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" >
<head>
    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <meta name="description" content="Web Programming :: Assignment 2" />
    <meta name="Keywords" content="Web, programming" />
    <title>Member Login</title>
</head>

<body>
    <h1>My Member System</h1>

</body>
</html>

<?php
session_start();
require_once('sqlconnect.inc.php');

if(isset($_SESSION['membername']))
    {
    echo "<p>Welcome back". "<br />".$_SESSION['membername']."</p>";

$conn = @mysqli_connect($host, 
        $user, 
        $pswd, 
        $dbnm);

    if (!$conn) {
        echo "<p>Database connection failure</p>"; 
    } else {

    @mysqli_select_db($conn, $dbnm)
        or die ("Database not available");
    }

    $query = "SELECT member_name FROM team";
    $result = mysqli_query($conn, $query);

    if(!$result) {
        echo "<p>Error with: ", $query, "</p>";
        } else {
        echo "<table width='10%' border='1'>";
        echo "<tr><th>Member</th></tr>";

        while ($row = mysqli_fetch_assoc($result)){
                echo "<tr>";
                echo "<td>",$row["member_name"],"</td>";
                echo "</tr>";
        }
    echo "</table>";
    mysqli_free_result($result);
    }
    }
    //
?>

下面是登录页面

<?php
        session_start();
        require_once('sqlconnect.inc.php');

        if (isset($_POST["login"]))
        {
        $conn = @mysqli_connect($host, $user, $pswd);
                    if (!$conn) {
                    echo "<p>Database connection failure</p>"; 
                    } else {

        $selectDatabase = @mysqli_select_db($conn,$dbnm)
                    or die("<p>The database is not available.</p>");
                    }

        $email = $_POST['email'];
        $passw = $_POST['password'];

        $query = "SELECT member_email FROM team WHERE member_email = '$email' AND password = '$passw'";

        $queryResult = @mysqli_query($conn,$query)
                        or die ("<p>Unable to execute query.</p>". "<p>Error code" . mysqli_errno($conn) .":" . mysqli_error($conn))."</p>";


        if(mysqli_num_rows($queryResult) == 0) //user is not found
        {
            header('Location: login.php');
        }else{

        if(mysqli_num_rows($queryResult) == 1)  
        {
            echo ("<p>User is found, Successful login!</p>");   
            echo('<p><a href="memberadd.php">member add</a> </p>');
            echo('<p><a href="memberremove.php">List/Remove member</a> </p>');
            echo('<p><a href="logout.php">Log out</a> </p>');
            exit();

            $query2 = "SELECT member_name FROM team WHERE member_email = '$email' AND password= '$passw'";

            $queryResult2 = @mysqli_query($conn, $query2)
                        or die ("<p>Unable to execute query.</p>". "<p>Error code" . mysqli_errno($conn) .":" . mysqli_error($conn))."</p>";


            $array = mysqli_fetch_row($queryResult2);       
            $_SESSION['membername'] = $array[0];
        }
        else
        {
            echo"<p>Email and password do not match</p>";
            echo'<p><a href="index.php">Home page</a> </p>';
        }
        }
        }


?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/chtml-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" >
<head>
    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <meta name="description" content="Web Programming :: Assignment 2" />
    <meta name="Keywords" content="Web, programming" />
    <title>Member Login</title>
</head>

<body>

<form id='login' action='login.php' method='POST'>
        <fieldset >
            <legend><h1>My Team System Log in Page</h1></legend>
            <?php $email = isset($_POST['email']) ? filter_var($_POST['email'], FILTER_SANITIZE_STRING) : ''; ?>
            <label for='email' >Email:</label>
                <input type='text' name='email' id='email' maxlength="50"  value="<?php echo $email; ?>" />
            </div>
                    <br />
            <div class="elements">
            <label for='password' >Password:</label>
                <input type='password' name='password' id='password' maxlength="50" />
            </div>
                    <br />
            <div class="submit">
                <input type='submit' name='login' value='Login' />
                <input type='reset' name='Submit' value='Clear' />
                    <br />
            <div class="elements">
            <a href="index.php">Home</a> 
        </fieldset>
</form>

</body>
</html>

5 个答案:

答案 0 :(得分:0)

您将会话设置为membername,然后尝试拨打name。在中,您应该将显示用户名称的位更正为$_SESSION['membername']

答案 1 :(得分:0)

空白屏幕通常是解析错误... 

echo "<p>Error with: ", $query, "</p>";

应该是

echo "<p>Error with: ".$query."</p>"; 


echo "<td>",$row["member_name"],"</td>";

应该是

echo "<td>".$row["member_name"]."</td>";

答案 2 :(得分:0)

我看到3个错误 -
1.您的session_start()不在代码的顶部/开头 2.在设置会话值之前回显 3.在回显之后和设置会话值之前使用exit();

另外,你对sql注入很开放,你应该哈希你的密码。

答案 3 :(得分:0)

我可以告诉你我所看到的内容: 您可以像这样设置成员名称的会话

$_SESSION['membername'] = $array[0];

但是在memberadd.php中你可以像这样检索它:

echo "<p>Welcome back". "<br />".$_SESSION['name']."</p>";

所以你应该改成你设置的同名:

echo "<p>Welcome back". "<br />".$_SESSION['membername']."</p>";

答案 4 :(得分:0)

我很抱歉,我在早期文件中犯了一个错误,这是人们注册的注册文件,我在那里设置会话名称['name']而不是['membername']。现在一切都很好。

相关问题
最新问题