我正在尝试为用户创建一个登录表单,除密码部分外,一切似乎都正常。每当我输入正确的密码时,它会给出当用户输入错误密码时应显示的错误消息。这是我的代码中处理密码部分的部分。真的很感激一些帮助。 运行代码后显示的消息是: - "密码不正确,请再试一次"
//coding from here starts after the connection with server
if(isset($_COOKIE['ID_my_site']))
{
$email = $_COOKIE['ID_my_site'];
$password = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM admintable WHERE email = '$email'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($password != $info['password'])
{
}
else
{
header("Location: members.php");
}
}
}
if (isset($_POST['submit']))
{
if(!$_POST['email'] | !$_POST['password'])
{
die('You did not fill in a required field.');
}
if (!get_magic_quotes_gpc())
{
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM admintable WHERE email = '".$_POST['email']."'")or die(mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['password'] = stripslashes($_POST['password']);
$info['password'] = stripslashes($info['password']);
$_POST['password'] = md5($_POST['password']);
if ($_POST['password'] != $info['password'])
{
die('Incorrect password, please try again.');
}
else
{
$_POST['email'] = stripslashes($_POST['email']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['email'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
header("Location: members.php");
}
}
}
else
{
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
Email <br><input type="text" name="email" size="40"><br>
Password <br><input type="password" name="password" size="40"><br>
<input id="button" type="submit" name="submit" value="Log-In">
</form>
<?php
}
?>
答案 0 :(得分:2)
您的代码似乎很好,在我的实例中工作,Spaces可能是一个问题,
请尝试将查询用作
"SELECT
trim(password) as password
FROM
admintable
WHERE
email = '".$_POST['email']."'"
也将帖子值用作
$_POST['password'] = md5(trim($_POST['password']));
同时检查您是否没有单个电子邮件地址的多条记录
答案 1 :(得分:0)
尝试记录两个密码,可能是区分大小写的问题。
echo($_POST['password'] );
echo($info['password']);
答案 2 :(得分:0)
<?php
if(isset($_COOKIE['ID_my_site']))
{
$email = $_COOKIE['ID_my_site'];
$password = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM admintable WHERE email = '$email'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($password != $info['password'])
{
}
else
{
header("Location: members.php");
}
}
}
if (isset($_POST['submit']))
{
if(!$_POST['email'] || !$_POST['password'])
{
die('You did not fill in a required field.');
}
if (!get_magic_quotes_gpc())
{
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM admintable WHERE email = '".$_POST['email']."'")or die(mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database');
}
while($inform = mysql_fetch_array( $check ))
{
$_POST['password'] = stripslashes($_POST['password']);
$info['password'] = stripslashes($info['password']);
$pass = $_POST['password'] = md5($_POST['password']);
foreach ($inform as $info) {
if ($pass != $info['password'])
{
die('Incorrect password, please try again.');
}
else
{
$_POST['email'] = stripslashes($_POST['email']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['email'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
header("Location: members.php");
}
}
}
}
else
{
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
Email <br><input type="text" name="email" size="40"><br>
Password <br><input type="password" name="password" size="40"><br>
<input id="button" type="submit" name="submit" value="Log-In">
</form>
<?php
}
?>