我从以下网站下载了龙卷风项目的示例:https://github.com/nellessen/Tornado-Redis-Chat。 我正在尝试实现我自己的php会话登录,它连接到我的数据库,而不是使用创建者的原始python cookie登录,可以在auth.py& GitHub项目的base.py。
class LoginHandler(BaseHandler, tornado.auth.GoogleMixin):
"""
Handler for logins with Google Open ID / OAuth
http://www.tornadoweb.org/documentation/auth.html#google
"""
@tornado.web.asynchronous
def get(self):
if self.get_argument("openid.mode", None):
self.get_authenticated_user(self.async_callback(self._on_auth))
return
elif self.get_argument("start_google_oauth", None):
# Set users attributes to ask for.
ax_attrs = ['name', 'email', 'language', 'username']
self.authenticate_redirect(ax_attrs=ax_attrs)
elif self.get_argument("start_direct_auth", None):
# Get form inputs.
try:
user = dict()
user["email"] = self.get_argument("email", default="")
user["name"] = self.get_argument("name", default="")
except:
# Send an error back to client.
content = "<p>There was an input error. Fill in all fields!</p>"
self.render_default("index.html", content=content)
# If user has not filled in all fields.
if not user["email"] or not user["name"]:
content = ('<h2>2. Direct Login</h2>'
+ '<p>Fill in both fields!</p>'
+ '<form class="form-inline" action="/login" method="get"> '
+ '<input type="hidden" name="start_direct_auth" value="1">'
+ '<input class="form-control" type="text" name="name" placeholder="Your Name" value="' + str(user["name"]) + '"> '
+ '<input class="form-control" type="text" name="email" placeholder="Your Email" value="' + str(user["email"]) + '"> '
+ '<input type="submit" class="btn btn-default" value="Sign in">'
+ '</form>')
self.render_default("login.html", content=content)
# All data given. Log user in!
else:
self._on_auth(user)
PHP
<?php header('Access-Control-Allow-Origin: *'); ?>
<?php
if (isset($_POST['submit'])){
session_start();
error_reporting(0);
$username = $_POST['username'];
$password = md5($_POST['password']);
$connection = mysql_connect("localhost", "toot", "?*****"); // Establishing Connection with Server
$db = mysql_select_db("snape", $connection); // Selecting Database from Server
$sql="SELECT * FROM accs WHERE name='$username' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
$check = mysql_query("SELECT active FROM accs WHERE name = '$username'");
while($rows=mysql_fetch_assoc($check)){
$active = $rows['active'];
}
// If result matched $myusername and $mypassword, table row must be 1 row
if($count!=1){
echo "Wrong Username or Password";
}
elseif ($active == 0) {
echo "Your account isn't active!";
}
else {
$_SESSION['username'] = $username;
}
$time = time();
$setLogged= mysql_query("UPDATE accs SET loginstatus = '$time' WHERE name = '$username'") or die(mysql_error());
}
}
?>
我已经使我的php登录并修改了login.html中的html但登录仍然继续使用python cookie登录完全忽略我的PHP代码。然后,我尝试通过注释来禁用cookie登录,但随后整个登录完全停止工作。
有什么建议吗?