Question

我是PHP的新手，我的登录脚本存在问题，我花了好几个小时看着，无法弄清楚我哪里出错了。

每当我尝试登录时，我都会看到“输入的电子邮件地址和密码与存档的电子邮件地址和密码不匹配，或者您尚未激活帐户”声明，我的代码如下所示。电子邮件地址和密码存储在数据库中，并使用我的注册和激活脚本输入，这些脚本都正常工作，并通过MySQL连接脚本连接到我的数据库，并使用配置脚本。

我实际上已经根据我一直在学习的课程构建了这个脚本，现在有点关注!!

如果有人对我出错的地方有任何建议，我将非常感激。

非常感谢提前!!

 <?php # login.php


   include ('./includes1/headerregistration.html');
   require_once ('./includes1/config.php');
$page_title = 'Login';

if (isset($_POST['submitted'])) { // Check if the form has been submitted.
   require_once ('./mysql_connect.php');

   // Validate the email address.
   if (!empty($_POST['email'])) {
      $e = escape_data($_POST ['email']);
   } 

   else {
      echo '<p><font color="red"size="+1"> You forgot to enter your email address!
      </font></p>';
      $e = FALSE;
   }

   // Validate the password.
   if (!empty($_POST['pass'])) {
      $p = escape_data($_POST ['pass']);
   } 

   else {
      $p = FALSE;
      echo '<p><font color="red"size="+1"> You forgot to enter your password!
      </font></p>';
   } 
if ($e && $p) { // If everything's OK.
   // Query the database.
   $query = "SELECT id, first_name FROM Jobseekers WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
   $result = mysql_query ($query) or trigger_error("Query: $query\n <br />MySQL Error: " . mysql_error()); 

if (@mysql_num_rows ($result) == 1) { // A match was made.
      // Register the values & redirect.
      $row = mysql_fetch_array ($result,MYSQL_NUM);
      mysql_free_result($result);
      mysql_close();
      $_SESSION['first_name'] = $row[1];
      $_SESSION['id'] = $row[0];

      // Start defining the URL.
      $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);

      // Check for a trailing slash.
      if ((substr($url, -1) == '/') OR(substr($url, -1) == '\\') ) {
        $url = substr ($url, 0, -1); // Chop off the slash.
      }
      // Add the page.
      $url .= '/indexregtest.php';
      ob_end_clean(); // Delete the buffer.
      header("Location: $url");
      exit(); // Quit the script. 
 } 
 else { // No match was made.
        echo '<p><font color="red"size="+1">Either the email address and password entered do not match those on file or you have not yet activated your account.</font></p>';
      }
   } 
   else {
      echo '<p><font color="red"size="+1">Please try again.</font></p>';
   }
   mysql_close();
} // End of SUBMIT conditional.
?>

<h1>Login</h1>
<p>Your browser must allow cookies in order to log in.</p>
<form action="login.php"method="post">
   <fieldset>
   <p><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
   <p><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
   <div align="center"><input type="submit" name="submit" value="Login" /></div>
   <input type="hidden" name="submitted" value="TRUE" />
   </fieldset>
</form>

<?php
include ('./includes1/footerregistration.html');
?>

Answer 1

$result = mysql_query ($query) or trigger_error("Query: $query\n <br />MySQL Error: " . mysql_error());

不要这样做。它不是JavaScript。 or和and运算符始终严格返回true或false。

$result = mysql_query($query);
if(!$result) trigger_error("Query: $query\n <br />MySQL Error: " . mysql_error());
else {...some code...}

Answer 2

我不知道您的数据库字段，但在您的查询中，您要求的行，其中字段“active”设置为null（.. AND active IS NULL）。您确定在活动帐户中此字段是否为空？也许请查看您的查询（echo mysql_num_rows ($result)）获得的行数，并检查它为何不是1。

PHP登录表单失败

2 个答案: