所以我正在尝试建立一个网站,但是我坚持登录无论我尝试什么我登录转到主页并立即退出请帮助我真的想让这个网站启动并运行明年年底 的login.php
<?php
SESSION_START();
$_SESSION['uname'] = $uname; // Set the user's name.
require('config.php');
if(isset($_POST['submit'])){
$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string($_POST['pass']);
$pass = md5($pass);
$sql = mysql_query("SELECT * FROM `users` WHERE `uname` = '$uname' AND `pass` = '$pass'");
if(mysql_num_rows($sql) > 0){
header("Location: home.php");
echo "You are now logged in.";
exit();
}else{
echo "Wrong username and password combination.";
}
}else{
$form = <<<EOT
<form action = "login.php" method = "POST">
Username: <input type = "text" name="uname"> <br />
Password: <input type = "password" name = "pass" /> <br />
<input type = "submit" name = "submit" value = "Login"/>
</form>
EOT;
}
echo $form;
?>e
Home.php
<?php
SESSION_START();
$_SESSION['uname'] = $uname; // Set the user's name.
if($uname){
echo $uname;
}
?>
<?php
if(!$uname){
?>
<a href="register">Register</a>
<a href="login">Login</a>
<?php
}
?>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<title>ArcheWorlds</title>
</head>
<body bgcolor="black">
<div class = "HomeNav">
<a href = "register.php">Register</a><!--class = "HomeNavButton"-->
|
<a href = "login.php">Login</a>
</div>
<p>Hello and welcome to Archeworlds!</p>
</body>
<div class="footer" style="border-top: 1px solid #FFFFFF padding-bottom: 10px margin-top: 150px"> <img `src="Pictures/Studio 8 (small).png">`
答案 0 :(得分:0)
<强> login_form.php
<?php
session_start();
if (isset($_SESSION['uname'])) {
$username = $_SESSION['uname'];
echo $username;
exit(); # Ready to go!
}
?>
<form action = "login.php" method = "POST">
Username: <input type = "text" name="uname"> <br />
Password: <input type = "password" name = "pass" /> <br />
<input type = "submit" name = "submit" value = "Login"/>
</form>
<强>的login.php
<?php
session_start();
$username = mysql_escape_string($_POST['uname']);
$pass = md5(mysql_escape_string($_POST['pass'])); ## This is *INCREDIBLY* insecure
$sql = mysql_query("SELECT * FROM `users` WHERE `uname` = '$uname' AND `pass` = '$pass'");
if(mysql_num_rows($sql) > 0){
$_SESSION['uname'] = $username;
header("Location: home.php"); # Ready to go!
exit();
}
else {
header('login_form.php'); # Failed
}
提出更安全的密码哈希的最简单方法是为数据库生成一个salt,然后使用PHP Manual Page为它提供PBKDF2的实现
答案 1 :(得分:0)
我认为您需要对代码进行一些更改:
login.php
<?php
if( isset( $_GET['action'] ) && $_GET['action'] == "logout") {
session_unset();
}
if(isset($_POST['submit'])){
SESSION_START();
$_SESSION['uname'] = $_POST['uname']; // Set the user's name.
require('config.php');
$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string($_POST['pass']);
$pass = md5($pass);
$sql = mysql_query("SELECT * FROM `users` WHERE `uname` = '$uname' AND `pass` = '$pass'");
if(mysql_num_rows($sql) > 0){
header("Location: Home.php");
exit();
}else{
echo "Wrong username and password combination.";
}
} ?>
&安培; Home.php将如下:
<?php
if( false == isset( $_SESSION['uname'] ) ) {
header("Location: login.php");
exit();
} ?>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<title>ArcheWorlds</title>
</head>
<body bgcolor="black">
<div class = "HomeNav">
<a href = "register.php">Register</a>|<a href = "login.php?action=logout">Logout</a>
</div>
<p>Hello and welcome to Archeworlds!</p>
<div class="footer" style="border-top: 1px solid #FFFFFF padding-bottom: 10px margin-top: 150px"> <img src="Pictures/Studio 8 (small).png">
</body>
注意:我没有测试过这段代码,但是会对你有用。
答案 2 :(得分:0)
我建议你研究一下。 http://www.homeandlearn.co.uk/php/php14p1.html。他们在登录数据库上有示例,为用户提供会话..