所以,我有以下代码:
<?php
mysql_connect("HOSTADDRESS", "USERNAME", "PASS") or die(mysql_error());
mysql_select_db("DATABASENAME") or die(mysql_error());
//Checks if there is a login cookie;
if(isset($_COOKIE["ID_my_site"]))
//If there is, it logs you in and directs you to the member page
{
$username = $_COOKIE["ID_my_site"];
$pass = $_COOKIE["ID_my_site"];
$check = mysql_query("SELECT * FROM userdata WHERE emailaddress = '$emailaddress'") or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info["password"])
{
}
else
{
header("Location: members.php");
}
}
}
//If the login form is submitted;
if (isset($_POST["submit"])) { //If form has been submitted
//Makes sure they are filled in
if(!$_POST["emailaddress"] | !$_POST["pass"]) {
die("You did not fill in all required fields.");
}
//Checks it against the database;
if (!get_magic_quotes_gpc()) {
$_POST["email"] = addslashes($_POST["email"]);
}
$check = mysql_query("SELECT * FROM userdata WHERE emailaddress = '".$_POST["emailaddress"]."'") or die(mysql_error());
//Gives error if user doesn't exist;
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die("That users does not exist in our database. <a href=register.php>Click here to register</a>");
}
while($info = mysql_fetch_array( $check ))
{
$_POST["pass"] = stripslashes($_POST["pass"]);
$info["password"] = stripslashes($info["password"]);
$_POST["pass"] = md5($_POST["pass"]);
//Gives error if the password is wrong
if ($_POST["pass"] != $info["password"]) {
die("Incorrect password, please try again.");
}
else
{
//If login is ok then we add a cookie
$_POST["emailaddress"] = stripslashes($_POST["emailaddress"]);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST["emailaddress"], $hour);
setcookie(Key_my_site, $_POST["pass"], $hour);
//Then it redirects them to the members area
header("Location: members.php");
}
}
}
else
{
//If they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Email Address:</td><td>
<input type="text" name="emailaddress" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="12">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
当我尝试通过网站登录时,即使密码与数据库中的密码相同,也会显示“密码不正确,请重试”。如果我尝试使用在数据库中找到的加密版本的密码,它也会显示此消息。请有人帮我解决这个错误吗?
答案 0 :(得分:-1)
if(!$_POST["emailaddress"] | !$_POST["pass"]) {
使用||
所以
if(!$_POST["emailaddress"] || !$_POST["pass"]) {