如果标题令人困惑,我很抱歉,但是当我使用下面的代码运行页面并输入数据库中找不到的电子邮件时,在网页上我得到Notice: Trying to get property of non-object in C:\xampp\htdocs\Testing\login.php on line 72。而不是说这个,我希望它给出一个错误,即电子邮件没有注册。
<?php
session_start();//session starts here
if(isset($_SESSION['adminName'])||isset($_SESSION['email'])){
header("Location: welcome.php");//redirect to login page to secure the welcome page without login access.
}
?>
<html>
<head lang="en">
<meta charset="UTF-8">
<link type="text/css" rel="stylesheet" href="bootstrap-3.2.0-dist\css\bootstrap.css">
<title>Login</title>
</head>
<style>
.login-panel {
margin-top: 150px;
</style>
<body>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="login-panel panel panel-success">
<div class="panel-heading">
<h3 class="panel-title">Sign In</h3>
</div>
<div class="panel-body">
<form role="form" method="post" action="login.php">
<fieldset>
<div class="form-group" >
<input class="form-control" placeholder="E-Mail" name="email" type="email" autofocus>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="pass" type="password" value="">
</div>
<input class="btn btn-lg btn-success btn-block" type="submit" value="login" name="login" >
<!-- Change this to a button or input when using this as a form -->
<!-- <a href="index.html" class="btn btn-lg btn-success btn-block">Login</a> -->
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
<?php
include("database/db_conection.php");
if(isset($_POST['login'])){
$user_email=mysqli_real_escape_string($dbcon, $_POST['email']);
$user_pass=mysqli_real_escape_string($dbcon, $_POST['pass']);
$encrypted_password = password_hash($user_pass, PASSWORD_BCRYPT);
$query = $dbcon->query("SELECT user_pass FROM users WHERE user_email='$user_email'");
$passwordValue=$query->fetch_object()->user_pass;
if (password_verify($user_pass,$passwordValue)){
echo "Success!";
}else{
echo $encrypted_password;
echo "<div class='alert alert-danger'><a href='#' class='close' data-dismiss='alert' aria-label='close'>×</a><strong>Error!</strong> Email or password entered was incorrect!</div>";
}
/*$check_user="select * from users WHERE user_email='$encrypted_email' AND user_pass='$user_pass'";
$run=mysqli_query($dbcon,$check_user);
if(mysqli_num_rows($run))
{
echo "<script>window.open('welcome.php','_self')</script>";
$_SESSION['email']=$user_email;//here session is used and value of $user_email store in $_SESSION.
}
else
{
echo "<script>alert('Email or password is incorrect!')</script>";
}*/
}
?>
这是我的login.php文件中的代码。注释中的php代码不是网页的一部分,我将在以后删除它。
答案 0 :(得分:0)
<html>
<head lang="en">
<meta charset="UTF-8">
<link type="text/css" rel="stylesheet" href="bootstrap-3.2.0-dist\css\bootstrap.css">
<title>Login</title>
</head>
<style>
.login-panel {
margin-top: 150px;
</style>
<body>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="login-panel panel panel-success">
<div class="panel-heading">
<h3 class="panel-title">Sign In</h3>
</div>
<div class="panel-body">
<form role="form" method="post" action="login.php">
<fieldset>
<div class="form-group" >
<input class="form-control" placeholder="E-Mail" name="email" type="email" autofocus>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="pass" type="password" value="">
</div>
<input class="btn btn-lg btn-success btn-block" type="submit" value="login" name="login" >
<!-- Change this to a button or input when using this as a form -->
<!-- <a href="index.html" class="btn btn-lg btn-success btn-block">Login</a> -->
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
<?php
include("database/db_conection.php");
if(isset($_POST['login'])){
$user_email=mysqli_real_escape_string($dbcon, $_POST['email']);
$user_pass=mysqli_real_escape_string($dbcon, $_POST['pass']);
$encrypted_password = password_hash($user_pass, PASSWORD_BCRYPT);
if ($query = $dbcon->query("SELECT user_pass FROM users WHERE user_email='$user_email'") == false) {
echo "The email doesn't exist in the DB";
} else {
$passwordValue=$query->fetch_object()->user_pass;
if (password_verify($user_pass,$passwordValue)){
echo "Success!";
}else{
echo $encrypted_password;
echo "<div class='alert alert-danger'><a href='#' class='close' data-dismiss='alert' aria-label='close'>×</a><strong>Error!</strong> Email or password entered was incorrect!</div>";
}
/*$check_user="select * from users WHERE user_email='$encrypted_email' AND user_pass='$user_pass'";
$run=mysqli_query($dbcon,$check_user);
if(mysqli_num_rows($run))
{
echo "<script>window.open('welcome.php','_self')</script>";
$_SESSION['email']=$user_email;//here session is used and value of $user_email store in $_SESSION.
}
else
{
echo "<script>alert('Email or password is incorrect!')</script>";
}*/
}
}
?>
我添加了一个if语句,用于检查查询是否为false,如果错误,它将回显电子邮件不存在于数据库中,如果您愿意,但如果是存在,然后您完全按照自己的意愿获取密码。
答案 1 :(得分:0)
我为代码使用了if语句:$query->num_rows()(归功于@MasterOdin),如果行数等于0,那么我回复你输入的无效电子邮件。
实施例
if ($query->num_rows==0){
echo "You typed an invalid email!";
}else{
I further verified information here...
}