检查电子邮件和密码是否正确

时间:2014-09-30 14:25:25

标签: php

我需要确认电子邮件和密码是否正确,但它适用于我输入的任何密码。有什么问题?这是代码:

<?php
if(isset($_POST['submit'])){
    $email = mysql_real_escape_string($_POST['email']);
$pass = $_POST['password'];
$hash = hash("sha512", $pass);
$hash1 = hash("whirpool", $hash);
$hash2 = hash("sha384", $hash1);
$password = $hash2;

    $query=mysql_query("SELECT * FROM register WHERE email='$email' AND password='$password'") or die(mysql_error());
    $count=mysql_num_rows($query);
 if($count==1){

    while ($row=mysql_fetch_array($query)) {
    $username=$row['username'];
  $heslo=$row['password'];
    $_SESSION['valid'] = $username;
if(isset($_SESSION['valid'])){
        $realtime = date("d-m-Y h:i:s"); 
        $session = $_SESSION['valid'];
        echo "<script>    window.location.replace('index.php');
</script>";
header("Location: index.php");
    }else{
        echo "Přihlášení neproběhlo správně";
    }
}
}
}
?>

2 个答案:

答案 0 :(得分:1)

你面临的问题是你拼错了“漩涡”它应该是“漩涡”

答案 1 :(得分:0)

我已经改变了一些代码,这似乎有效。大括号的顺序是为你弄乱的,因为else指向不正确的if。

我在整个脚本中添加了注释,因此您可以看到我想说的内容。

mysql_connect('localhost','user','pass');
mysql_select_db('test');

# You can use your post methods, I've used these for testing.
$email = mysql_real_escape_string('email');
$pass = $_GET['pw'];


$hash = hash("sha512", $pass);
$hash1 = hash("whirlpool", $hash);
$hash2 = hash("sha384", $hash1);
$pass = $hash2;

# Now you can see the PW input  
echo $pass."<br>";

# Nonsense
$password = $pass;

    # By using $sql you can echo your query to see what results would it yield upon running it.
    $sql = "SELECT * FROM test WHERE em='$email' AND pw='$password'";
    $query=mysql_query($sql) or die(mysql_error());
    $count=mysql_num_rows($query);

    # Echo stuff to see what their results are
    echo $sql."<br>";
    echo $count."<br>";


    # Let's see if we all got it right?
     if($count==1){

    while ($row=mysql_fetch_array($query)) {
    $username=$row['un'];
    $heslo=$row['pw'];
    $_SESSION['valid'] = $username;

if(isset($_SESSION['valid'])){
        $realtime = date("d-m-Y h:i:s"); 
        $session = $_SESSION['valid'];

        # Commented out for testing purposes. I mean the header.
        echo "all is well";
        //header("Location: index.php");
} // this closes the if(isset... 
} // this closes the while loop
# Note that the curly brackets have changed. Now the else points correctly to the other branch if $count is not equal to 1.
}   else {
        echo "Přihlášení neproběhlo správně";
    }
相关问题
最新问题