Question

我有这个PHP登录脚本，应该输入输入的用户名＆amp;密码，根据MySQL中的值检查（使用通过SHA1加密的密码），然后如果登录成功则将用户重定向到“dash.php”，否则将打印错误。但是每当我提交表单时，它只是重新加载login.php ...我在某个地方犯了一个愚蠢的错误还是我错过了什么？抱歉这个巨大的帖子！

login.php（包含表格）：

//Form Action
<?php

error_reporting(E_ALL);
ini_set('display_errors','1');

if ($_SERVER['REQUEST_METHOD'] == 'POST') {

    require ('scripts/mysqli_connect.php');

    require ('scripts/login_functions.php');


    list ($check, $data) = check_login($dbc, $_POST['username'], $_POST['password']);

    if($check) {

        redirect_user('dash.php');
    } else {
        $errors = $data;
    }

    mysqli_close($dbc);
}

?>

// Website HTML

//Form
<form class="contact-form" method="post" action="login.php">
                    <div class="col-sm-5 col-sm-offset-1">
                        <div class="form-group">
                            <label>Username: </label>
                            <input type="text" name="username" id="username" size="15" class="form-control" required="required" placeholder="username">
                        </div>
                        <div class="form-group">
                            <label>Password: </label>
                            <input type="password" name="password" id="password" size="15" class="form-control" required="required" placeholder="password">
                        </div>                        
                        <div class="form-group">
                            <input type="submit" name="submit" value="Login" />
                        </div>
                    </div>
                </form>

login_functions.php：

<?php

function redirect_user ($page = '../login.php') {
    $url = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);

    $url = rtrim($url, '/\\');

    $url .= '/' . $page;

    //Redirect User

    header("Location: $url");
    exit(); //Quit the script.

}


function check_login($dbc, $username = '', $password = '') {
    $errors = array();

    if(empty($username)) {
        $errors[] = 'You forgot to enter your username.';
    } else {
        $u = mysqli_real_escape_string($dbc, trim($username));
    }

    if(empty($password)) {
        $errors[] = 'you forgot to enter your passord.';
    } else {
        $p = mysqli_real_escape_string($dbc, trim($password));
    }

    if (empty($errors)) {

        $q = "SELECT username, password FROM users WHERE username='$u' AND password=sha1('$p')";
        $r = @mysqli_query ($dbc, $q);


        //Check Results

        if(mysqli_num_rows($r) == 1) {

            $row = mysqli_fetch_array ($r, MYSQLI_ASSOC);

            return array(true, $row);
        } else {
            $errors[] = 'The username/password combination is incorrect.';
        }
    }

}


?>

Answer 1

你没有回复错误：

    return array(true, $row);
} else {
    $errors[] = 'The username/password combination is incorrect.';
    $return array(false, $errors);
}

并且您没有显示错误：

// Website HTML

<?php if ($errors):?>    
    <?php echo '<p>' . implode('</p><p>', $errors) . '<p>';?>
<?php endif;?>
//Form
<form class="contact-form" method="post" action="login.php">

行为不端的登录脚本

1 个答案: