这是我的注册页面:
<?php
error_reporting (E_ALL ^ E_NOTICE);
?>
<html>
<head>
<title>Registration Page</title>
</head>
<body>
<?php
if ( $_POST['registerbtn']){
$getuser = $_POST['user'];
$getemail = $_POST['email'];
$getpass = $_POST['pass'];
$getretypepass = $_POST['retypepass'];
if ($getuser){
if ($getemail){
if($getpass){
if($getretypepass){
if($getpass === $getretypepass){
if((strlen($getemail) >= 7) && (strstr($getemail,"@")) && (strstr($getemail,"."))) {
require("./connect.php");
$query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
$numrows = mysql_num_rows($query);
if ($numrows == 0)
{
$query = mysql_query("SELECT * FROM users WHERE email='$getemail'");
$numrows = mysql_num_rows($query);
if ($numrows == 0 )
{
// $password = md5($password);
$password = md5(md5("qwe".$password."qwe"));
$date = date("F d, Y");
$code = md5(rand());
mysql_query("INSERT INTO users VALUES('', '$getuser','$password','$getemail','0','$code','$date')");
echo "Your acount has been created! You can log in here <a href=./login.php>Log in</a>";
// $query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
// $numrows = mysql_num_rows($query);
// if($numrows == 1 )
// {
// $site = "http://localhost/";
// $webmaster = "Reem <ralsuhai@kent.edu>";
// $headers = "From: $webmaster";
// $subject = "Activate your account";
// $message = "Thanks for registering. Click the link below to activate your account";
// $message .= "$site/activate.php?user=$getuser&code=$code\n";
// $message .= "You must activate your account to login.";
// if ( mail($getemail,$subject, $message, $headers));{
// $errormsg = "You have been registered. You must activate your account from the activiation link sent to <b>$getemail</b>";
// $getuser = "";
// $getemail="";
// }
//else
// $errormsg = "An error has occured. Your activation email was not sent.";
//}
// else
// $errormsg = "An error has occured. Your acccount was not created";
}
else
$errormsg = "There is already a user with that Email.";
}
else
$errormsg = "There is already a user with that username.";
mysql_close();
}
else
$errormsg = "You must enter a valid email address to register";
}
else
$errormsg = "Your passwords did not match";
}
else
$errormsg = "You must retype your password to register.";
}
else
$errormsg = "You must enter your password to register.";
}
else
$errormsg = "You must enter your email to register.";
}
else
$errormsg = "You must enter your username to register.";
}
else
$form = "<form action='./register.php' method='post'>
<table>
<tr>
<td></td>
<td><font color='red'>$errormsg</font></td>
</tr>
<tr>
<td>Username:</td>
<td><input type='text' name='user' value='$getuser'/></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' value='$getemail'/></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='pass' value=''/></td>
</tr>
<tr>
<td>Retype Password:</td>
<td><input type='password' name='retypepass' value=''/></td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='registerbtn' value='Register'/></td>
</tr>
</table>
</form>";
echo $form;
?>
</body>
</html>
这是我的login.php:
<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
$userid = $_SESSION['userid'];
$username = $_SESSION['username'];
?>
<html>
<head>
<title> Login page </title>
</head>
<body>
<?php
if($username && $userid){
echo "You are already looged in as <b>$username</b>. <a href=./customer_account.php>Click here</a>";
}
else
{
$form = "<form action='./login.php' method='post'>
<table>
<tr>
<td>Username:</td>
<td><input type='text' name='user' /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td>Username</td>
<td><input type='submit' name='loginbtn' value='Login'/></td>
</tr>
<tr>
<td><a href='./register.php'>Register</a></td>
<td><a href='./forgetpass.php'>Forget your password?<a/></td>
</tr>
</table>
</form>";
if ($_POST['loginbtn']){
$user = $_POST['user'];
$password = $_POST['password'];
if ($user)
{
if ($password)
{
require("connect.php");
//$password = md5($password);
$password = md5(md5("qwe".$password."qwe"));
$query = mysql_query("SELECT * FROM users WHERE username='$user'");
$numrows = mysql_num_rows($query);
if ($numrows == 1)
{
$row = mysql_fetch_assoc($query);
$dbid = $row['id'];
$dbuser = $row['username'];
$dbpass = $row['password'];
$dbactive = $row['active'];
if ($password == $dbpass)
{
if($dbactive == 1)
{
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
echo "You have been logged in as <b>$dbuser</b>. <a href='./customer_account.php'>Click here</a> to go to the member page.";
}
else
echo "you must activate your account to log in. $form";
}
else
echo "You did not enter the correct password. $form";
}
else
echo "The username you have entered was not found. $form";
}
else
echo "You must enter your password. $form";
}
else
echo "You must enter your username. $form";
}
else
echo $form;
}
?>
</body>
</html>
SQL表:
--
-- Table structure for table `users`
--
CREATE TABLE `users` (
`id` bigint(20) NOT NULL auto_increment,
`username` varchar(50) NOT NULL,
`password` varchar(50) NOT NULL,
`email` varchar(200) NOT NULL,
`active` tinyint(1) NOT NULL,
`code` varchar(25) NOT NULL,
`date` varchar(50) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=17 ;
在匹配两个密码时存在问题,数据库中的密码和用户输入的密码,密码是正确的但不允许我输入错误:&#34;您的密码不匹配&# 34;出现。
答案 0 :(得分:0)
我首先回应变量$ password和$ dbpass。这将是一个很好的起点。它可能没有返回结果来填充$ dbpass变量,或者可能有空格等