我正在处理一个用于检查已登录用户的php脚本,它包括确保他们已输入电子邮件地址和密码,连接到sql和检查数据,注册会话以及更新登录时间。
脚本不起作用,当用户完成表单并指向此页面时,它会直接转到ELSE语句后底部的错误消息。它不会更新' last_login'在sql。
我想知道我是如何开始对此脚本进行故障排除的,我可以在哪里进行错误处理?
session_start();
include 'dbconuser.php';
//post var
$email_address = $_POST['email_address'];
$password = $_POST['password'];
//check both fields completed
if((!$email_address) || (!$password))
{
echo "Please enter ALL of the information!<br/>";
include 'login.htm';
exit();
}
$password = md5($password);
//connect and check data
$sql = mysqli_query($connection, "SELECT * FROM users WHERE email_address='$email_address' AND password='$password' AND activated='1'");
$login_check = mysqli_num_rows($sql);
if($login_check > 0)
{
while($row = mysqli_fetch_array($sql))
{
foreach( $row AS $key => $val )
{
$key = stripslashes( $val );
}
// register session
$_SESSION['first_name'] = $first_name;
$_SESSION['last_name'] = $last_name;
$_SESSION['email_address'] = $email_address;
$_SESSION['user_level'] = $user_level;
mysqli_query($connection, "UPDATE users SET last_login=now() WHERE userid='$userid'");
header("Location: index.php");
}
}
//error
else
{
include 'login_error.htm';
echo "You could not be logged in! Either the email_address and password do not match or you have not validated your membership!<br />
Please try again!<br />";
}
答案 0 :(得分:1)
混合mysql和mysqli首先将您的查询更改为mysql(已被弃用),因为您使用的是全部mysql_*
$sql = mysql_query("SELECT * FROM users WHERE email_address='$email_address' AND password='$password' AND activated='1'");
session_register()和mysql_*已弃用,因此请使用$_SESSION代替session_register并使用mysqli_*代替mysql_*