我正在登录页面上工作。当我登录它工作正常。但是,当我通过将电子邮件和密码字段留空来测试错误检查时,它不显示我的错误消息,并导航到scripts / login.php,这只是一个空白页面。忘记密码脚本也会出现同样的问题。如果我没有输入电子邮件,它会导航到scripts / forgot.php,这是一个空白页面,但如果我输入电子邮件,它仍会导航到空白页面,但是带有用户信息的电子邮件会被正确发送。
当我对login.php和forgot.php使用include时,它们工作正常。它只在我使用表单操作时。 继承我的代码:
的login.php
<?php include_once("../src/global.php");
$message = "";
if(isset($_POST['email'])){
$email = $_POST['email'];
$pass = $_POST['pass'];
$remember = $_POST['remember'];
//Error handling
if((!$email) || (!$pass)){
$message = 'Please enter your email and/or password';
}else{
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if(isset($data[0]['Password'])) {
$contactPass = $data[0]['Password'];
$id = $data[0]['Id'];
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if ($contactPass !== $pass ){
$message = 'The information you entered is incorrect';
}else{
//Start the session
$_SESSION['email'] = $email;
$_SESSION['pass'] = $contactPass;
$_SESSION['id'] = $id;
if($remember == "yes"){
//Create the cookies
setcookie("id_cookie", $id, time()+60*60*24*100, "/");
setcookie("pass_cookie", $contactPass, time()+60*60*24*100, "/");
}
header("Location: ../home.php");
}
}
}
}
?>
forgot.php
<?php include_once("../src/global.php");
$message = "";
if(isset($_POST['email'])){
$email = $_POST['email'];
if((!$email)){
$message = 'Please enter your email';
}else{
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if($email != $data[0]['Email']){
$message = "There was an error processing your request. Please check that the email you entered is correct";
}else{
//Retrieve password
$pass = $data[0]['Password'];
//echo "your pass is ::".($pass)."";
$to = $data[0]['Email'];
$name = $data[0]['FirstName'];
//echo "your email is ::".$email;
//Details for sending E-mail
$url = "http://caapitesting.com/";
$body = "Hi ".$name.",
<br />
<br />
We're responding to a request you've made to retrieve your password to login to the Student Center.
<br />
<br />
------------------------------------
<br />
Email : <strong> ".$to." </strong><br />
Password : <strong> ".$pass." </strong>
<br />
------------------------------------
<br />
<br />
<a href='".$url."'>Click here to sign in to the Student Center</a>
<br /><br />
If you did not request your password, please contact us immediately by responding to this email.
<br /><br />
Sincerely,<br />
Client Attraction Support Team";
$subject = "CABS Student Password Recovery";
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'From: Client Attraction Support Team <students@clientattraction.com>' . "\r\n";
mail($to, $subject, $body, $headers);
$message = "Your password has been emailed";
}
}
}
?>
的index.php
<?php include_once("src/global.php");
if($logged == 1){
header("Location: home.php");
exit();
}
?>
<!doctype html>
<html>
<head>
</head>
<body>
<div class="message"><?php print($message); ?></div>
<form action="scripts/login.php" method="post">
<input type="text" name="email" placeholder="Email" /><br>
<input type="password" name="pass" placeholder="Password" /><br>
<input id="option" type="checkbox" name="remember" value="Yes" checked="checked">
<label for="option"><span><span></span></span>Remember me</label>
<input type="submit" name="Login" value="LOGIN" />
</form>
<h6>Please enter your email</h6>
<div class="message"><?php print($message); ?></div>
<form action="scripts/forgot.php" method="post">
<input type="text" name="email" placeholder="Email" /><br>
<input type="submit" name="Submit" value="SUBMIT" />
</form>
</body>
我希望这是有道理的。提前致谢
乔
答案 0 :(得分:0)
您会收到一个空白页面,因为如果出现错误,您不会重定向或显示任何内容。因此,在底部添加重定向回index.php。如果登录成功,则无法点击此重定向,它将获得将用户发送到home.php的那个。
至于$message,您可以将其设置为login.php文件中的变量。 index.php无法看到此变量,因为它无法访问该变量。将其保存到会话变量,然后在index.php中,您可以将其设置为局部变量并取消设置会话变量。
我将在../src/global.php中假设您session_start()。如果您不这样做,则需要将其包含在每个文件的顶部。
<强>的login.php
<?php include_once("../src/global.php");
$_SESSION['message'] = "";
if(isset($_POST['email'])){
$email = $_POST['email'];
$pass = $_POST['pass'];
$remember = $_POST['remember'];
//Error handling
if((!$email) || (!$pass)) {
$_SESSION['message'] = 'Please enter your email and/or password';
} else {
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if(isset($data[0]['Password'])) {
$contactPass = $data[0]['Password'];
$id = $data[0]['Id'];
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if ($contactPass !== $pass ) {
$_SESSION['message'] = 'The information you entered is incorrect';
} else {
//Start the session
$_SESSION['email'] = $email;
$_SESSION['pass'] = $contactPass;
$_SESSION['id'] = $id;
if($remember == "yes") {
//Create the cookies
setcookie("id_cookie", $id, time()+60*60*24*100, "/");
setcookie("pass_cookie", $contactPass, time()+60*60*24*100, "/");
}
header("Location: ../home.php");
}
}
}
header("Location: ../index.php");
}
?>
<强>的index.php
<?php include_once("src/global.php");
if($logged == 1){
header("Location: home.php");
exit();
}
$mesasge = $_SESSION['message'];
unset($_SESSION['message']);
?>
<!doctype html>
<html>
<head>
</head>
<body>
<div class="message"><?php print($message); ?></div>
<form action="scripts/login.php" method="post">
<input type="text" name="email" placeholder="Email" /><br>
<input type="password" name="pass" placeholder="Password" /><br>
<input id="option" type="checkbox" name="remember" value="Yes" checked="checked">
<label for="option"><span><span></span></span>Remember me</label>
<input type="submit" name="Login" value="LOGIN" />
</form>
<h6>Please enter your email</h6>
<div class="message"><?php print($message); ?></div>
<form action="scripts/forgot.php" method="post">
<input type="text" name="email" placeholder="Email" /><br>
<input type="submit" name="Submit" value="SUBMIT" />
</form>
</body>
答案 1 :(得分:0)
我会修改索引页面,让表单发布到索引页面,方法是将操作留空action='',如果按下提交按钮,只需添加登录脚本或忘记脚本。这样,我可以重新使用输入的电子邮件
我会将登录部分中的提交名称更改为name="login",将忘记部分更改为name="forgot"
我会从其他脚本中删除会话消息并将其放入索引脚本
<强>的index.php
if($logged == 1){
header("Location: home.php");
exit();// you don't need this, the header will redirect the page and won't reach here
}
// if the session message is set the put it in the message otherwise set the message to nothing
$message = isset($_SESSION['message']) ? SESSION['message'] : '';
unset($_SESSION['message']);
//include the forgot.php or login.php script here
If(isset($_POST['login'])){
$_SESSION['message'] = "";
include_once("scripts/login.php");
}elseif(isset($_POST['forgot'])){
include_once("scripts/forgot .php");
}
?>
<!doctype html>
<html>
<head>
</head>
<body>
<div class="message"><?php print($message); ?></div>
<form action="" method="post">
<input type="text" name="email" placeholder="Email" /><br>
<input type="password" name="pass" placeholder="Password" /><br>
<input id="option" type="checkbox" name="remember" value="Yes" checked="checked">
<label for="option"><span><span></span></span>Remember me</label>
<input type="submit" name="login" value="LOGIN" />
</form>
<h6>Please enter your email</h6>
<div class="message"><?php print($message); ?></div>
<form action="" method="post">
<input type="text" name="email" placeholder="Email" /><br>
<input type="submit" name="forgot " value="SUBMIT" />
</form>
</body>
您需要存储加密密码才能将其存储起来。使用新的内置php密码哈希函数。你所要做的就是运行php 5或更高版本并使用默认的password_hash函数
$password_hashed = password_hash($password, PASSWORD_DEFAULT);
要存储密码并在登录脚本中使用密码_verify函数,如
$valid = password_verify($password, $contactPass);
该函数返回true或false。 在登录页面中,
<强>的login.php
<?
php include_once("../src/global.php");
//use isset to check the form values and set them to null if not set
$email = isset($_POST['email']) ? ($_POST['email'] : NULL;
$pass = isset($_POST['pass']) ? ($_POST['pass'] : NULL;
$remember = isset($_POST['remember']) ? ($_POST['remember '] : NULL ;
//Error handling use empty
if(is_null($email) || is_null($pass)) {
$_SESSION['message'] = 'Please enter your email and/or password';
} else {
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if(isset($data[0]['Password'])) {
$contactPass = $data[0]['Password'];
$id = $data[0]['Id'];
$returnFields = array('Id', 'Email', 'FirstName', 'Password');
$data = $app->findByEmail($email, $returnFields);
if(!password_verify($pass,contactPass) ) {
$_SESSION['message'] = 'The information you entered is incorrect';
} else {
//Start the session
//$_SESSION['email'] = $email;
//$_SESSION['pass'] = $contactPass;
$_SESSION['id'] = $id;
if($remember == "yes") {
//Create the cookies
setcookie("id_cookie", $id, time()+60*60*24*100, "/");
setcookie("pass_cookie", $contactPass, time()+60*60*24*100, "/");
}
header("Location: ../home.php");
}
}
}
// Don't need to redirect
//header("Location: ../index.php");
}
?>