登录系统给出错误

时间:2015-08-01 18:53:43

标签: php login content-management-system login-system

我有一个登录系统,应该是什么工作,但我得到“检查您的登录详细信息”。

我确信细节还可以,但是给出错误。

dologin.php 

<?php

include('includes/functions.php');

if(isset($_POST['login'])) {
  if(isset($_POST['username'])) {
    if(isset($_POST['password'])) {
        $username = $_POST['username'];
        $query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
        $user = mysql_fetch_array($query);

        if(md5($_POST['password']) == $user['Password']) {
            echo "Login successful";
            $_SESSION['user'] = $user['Username'];
            header("Location: index.php");
        } else {
            echo "Please check your login details!";
            include('login.php');
        }
    } else {
            echo "Please check your password!";
            include('login.php');
    }
    } else {
    echo "Please check your username!";
    include('login.php');
    }
    } else {
    echo "Please check that you filled out the login form!";
    include('login.php');
    }
?>

2 个答案:

答案 0 :(得分:2)

你所说的一切都是正确的,很容易测试,毕竟这是调试101。

<?php

include('includes/functions.php');

if(isset($_POST['login'])) {
  if(isset($_POST['username'])) {
    if(isset($_POST['password'])) {
        $username = $_POST['username'];
        $query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
        $user = mysql_fetch_array($query);

        //Proof debug code

        echo 'Database password = ' . $user['Password'] . '<br>';
        echo 'md5 of input password = ' . md5($_POST['password']) . '<br>';
        echo 'ARE THEY THE SAME' . '<br>';



        if(md5($_POST['password']) == $user['Password']) {
            echo "Login successful";
            $_SESSION['user'] = $user['Username'];
            header("Location: index.php");
        } else {
            echo "Please check your login details!";
            include('login.php');
        }
    } else {
            echo "Please check your password!";
            include('login.php');
    }
    } else {
    echo "Please check your username!";
    include('login.php');
    }
    } else {
    echo "Please check that you filled out the login form!";
    include('login.php');
    }
?>

哦,顺便说一句,MD5不再被认为是安全的。看看这个manual page for how it should be done now

答案 1 :(得分:0)

<强>的login.php 

<html>
<head>
<title>Basic CMS - Admin Area</title>
</head>
<body>
<?php
session_start();
if(isset($_SESSION['user'])) {
header("Location: index.php");
} else {
?>
<form action="dologin.php" method="post">
<table>
<tr>
    <td><span>Username:</span></td>
    <td><input type="text" name="username" /></td>
</tr>
<tr>
    <td><span>Password:</span></td>
    <td><input type="password" name="password" /></td>
</tr>
<tr>
    <td colspan="2" align="right"><input type="submit" name="login"   value="Login" /></td>
</tr>
</table>
</form>
<?php } ?>
</body>
</html>

<强>的index.php 

<html>
<head>
<title>Basic CMS - Admin Area</title>
</head>
<body>
<?php
 session_start();
if(isset($_SESSION['user'])) {
?>
<span>Logged in! Welcome <?php echo $_SESSION['user'];?></span>
<?php
} else {
header("Location: login.php");
}
?>
</body>
</html>

现在我遇到了一个奇怪的问题,代码,我之前粘贴的东西(login.php)应该用dologin.php检查每个细节都没关系然后login.php应该重定向到index.php,我得到“登录!欢迎马塞尔“

但它就像刷新一样,所以获取用户名,密码,再次提交表单。

相关问题
最新问题