我有一个需要用户名和密码的登录表单。如果登录凭据错误,我希望表单顶部说“无效密码”或“无效用户名”。有人可以提供有关这样做的见解吗?
如果一个字段现在为空,则消息显示“密码无效”。我希望它有消息,即使字段中有某些内容,如果它是错误的。
这是登录表格:
<form action="index.php?action=login" method="post">
<fieldset>
<div style="color:red;"><?php echo isset($_REQUEST['err']) && $_REQUEST['err'] == 1 ? "Invalid Password" : "";?></div>
<legend>Login</legend>
<label for="loginName" class="required">Username:</label>
<input id="loginName" name="loginName" type="text"
value="" required />
<label for="password" class="required">Password:</label>
<input id="password" name="password" type="password"
value="" required />
<input id="submit" class="submit" type="submit" value="login"/>
</fieldset>
</form>
这是登录功能(适用于会员/管理员网站,因此登录到两个帐户):
function connect($loginName) {
global $db;
$query = "SELECT email, level, password FROM members WHERE email = '$loginName'";
$result = $db->query($query);
$results = $result->fetch(PDO::FETCH_ASSOC);
return $results;
}
//Login
function login($loginName, $password) {
$results = connect($loginName);
if(!$results) {
header('Location: /tire/admin/home.php?err=1');
}
if ($loginName === $results['email'] && password_verify($password,$results['password'])) {
$_SESSION['loginName'] = $loginName;
if ($results['level'] === 'a') { // 1 == Administrator
$_SESSION['level'] = 'Administrator';
header('Location: /tire/admin/home.php');
} elseif ($results['level'] === 'm') { // 1 == Member
$_SESSION['level'] = 'Member';
header('Location: /tire/member/home.php');
exit;
}
}
header('Location: /tire/admin/home.php');
}
//Logout
function logout() {
$_SESSION = array();
session_destroy();
}
@bakriawad这是我正在尝试你的建议但它仍然无法正常工作。它告诉我$ loginName和$ password是未定义的索引。
function error_message(){ unset($error);
$loginName = $_SESSION['loginName'];
{$results = connect($loginName);
$loginName === $results['email'];
$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
$passwords = password_verify($password,$results['password']);
if(!$results) {$error = "Username not found";} //if no records returned, set error to no username
else //if found {
if ((isset($password)) !== (isset($passwords))) //check password, if matched log him in
{ $error = "Password is wrong"; } //if not matched then set error message
}
}
if(isset($error))echo $error; //if there is an error print it, this can be anywhere in the page
}
答案 0 :(得分:1)
PHP方面: (peusedo代码)
{
unset($error); // or $error="";, just reset it
$loging = select from database where username = 'username'; //get data from database
if(!$loging) {$error = "Username not found";} //if no records returned, set error to no username
else //if found
{
if ($password == $loging['pass']) {login();} //check password, if matched log him in
else $error = "Password is wrong"; //if not matched then set error message
}
if(isset($error))echo $error; //if there is an error print it, this can be anywhere in the page
}
Java脚本方:
对php函数进行ajax调用,检查登录发送用户名和密码,如果正确则将页面重定向到欢迎屏幕,如果不改变框的样式和/或显示错误消息 你将不得不研究这个,因为我从未使用过ajax
尝试自己动手,如果你绊倒我会乐意为你提供样品