Question

我有这个登录功能，但是当我尝试登录时它会返回一个空白页面。这是第一种形式

<form name="form1" method="post" action="checklogin.php">
<input type="hidden" name="action" value="login">
<input type="hidden" name="hide" value="">
<table class='center'>
<tr><td>Username:</td><td><input type="text" name="username"></td></tr>
<tr><td>Password:</td><td><input type="password" name="password"></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" value="Enter"></td></tr>
<tr><td colspan=2>&nbsp;</td></tr>
<tr><td colspan=2>Don't have an admin account yet? Click <a 
href="Register.php">here</a>!</td></tr>
<tr><td colspan=2>Thank you for using Sentence Scramble and Sequencer</td></tr>
</table>
</form>

其次是php文件

<?php

// Connect to server and select databse.
$server = 'localhost'; 
$username = 'root'; 
$password = ''; 
$database = 'project'; 
mysql_connect($server,$username,$password) or die(mysql_error()); 
mysql_select_db($database) or die(mysql_error());

function SignIn ()
{
    session_start();
    if(!empty($_POST['username']))
    {
        $query = mysql_query("SELECT * FROM register where myusername = '$_POST[username]' 
AND mypassword = '$_POST[password]'") or die(mysql_error());
        $row = mysql_fetch_array($query) or die(mysql_error());
        if(!empty($row['myusername']) AND !empty($row['mypassword']))
        {
            $_SESSION['myusername'] = $row['mypassword'];
            echo "SUCCESS";
        }
        else{
            echo "sorry";
        }
    }
}
if(isset($_POST['submit']))
{
    login_success.php();
}
?>

'myusername'和'mypassword'是用户在其中注册用户名和密码的表格元素。

Answer 1

您的代码存在许多问题。

您正在使用已弃用的 mysql _ * 函数。你应该切换到PDO或mysqli
您正在声明函数SignIn()但从未使用/调用它
验证凭据的方法是错误的。你应该检查一下返回的行数应该等于1
这会抛出语法错误：login_success.php();

您可能获得空白页面的原因是您将error_reporting设置为无。这就是错误被压制的原因。

因此，如果您希望代码正常工作，

    <?php
    error_reporting(E_ALL); // this will print out errors if any
    $server = 'localhost'; 
    $username = 'root'; 
    $password = ''; 
    $database = 'project'; 
    $db = new PDO("mysql:host=$server;dbname=$database;charset=utf8", '$username', '$password');

        function SignIn ($db)
        {
            session_start();
            if(!empty($_POST['username']))
            {
                $un = $_POST['username'];
                $pw = $_POST['password'];
                $stmt = $db->prepare("SELECT COUNT(*) FROM register where myusername = ? 
AND mypassword = ?");
                $stmt->execute(array($un, $pw)); 
                // this is a better approach to validate credentials       
                if($stmt->fetchColumn() == 1)
                {
                    while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                        $_SESSION['myusername'] = $row['mypassword'];
                    }                       
                    echo "SUCCESS";
                }
                else{
                    echo "sorry";
                }
            }
            else
            {
              echo 'Username was empty. Please go back and try again.';
            }
        }
        if(isset($_POST['submit']))
        {
            SignIn($db);
        }
        else
        {
           echo 'Direct script access not allowed';
        }

Php遇到登录问题

1 个答案: