在登录

时间:2015-08-26 21:51:25

标签: php mysql mysqli

我希望不同的用户类型在登录时看到不同的索引页面。我已将他们应该看到的页面放在usertype表的主页列中。我认为脚本的以下部分会为我做,但它只是保留在login_action.php页面上。我无法弄清楚如何去除它。 mysqli会错误或死吗?如果是这样我会把它放在哪里?

$result1 = mysqli_query($dbc, "select users.userid, users.usertypeid, usertype.homepage from users  INNER JOIN usertype ON users.usertypeid = usertype.usertypeid  WHERE users.username = '$input1';") or die(mysqli_error ($dbc)) ;
  # On success set session data and display logged in page.
  if ( $check )  
  {
  while($row1 = mysqli_fetch_array($result1))
  {
    # Access session.
    session_start();
    $_SESSION[ 'userid' ] = $row1[ 'userid' ] ;
    $_SESSION[ 'username' ] = $data[ 'username' ] ;
    $_SESSION[ 'usertypeid' ] = $row1[ 'usertypeid'];
    $_SESSION['logged_in'] = true; 
    $_SESSION['last_activity'] = time(); 
    $_SESSION['expire_time'] = 30000;
    $_SESSION['homepage'] = $row1['homepage'];
    load ($row1['homepage']) ;
}
  }

完整的php文件如下(减去每个页面上包含的标题,并包含正常工作的数据库连接):

的login.php 

<?php 

# Display any error messages if present.
if ( isset( $errors ) && !empty( $errors ) )
{
 echo '<p id="err_msg">Oops! There was a problem:<br>' ;
 foreach ( $errors as $msg ) { echo " - $msg<br>" ; }
 echo 'Please try again or email support for help</p>' ;
}
?>

<!-- Display body section. -->
<h1>Login</h1>
<form action="login_action.php" method="post">
<p>User Name: <input type="text" name="username"> </p>
<p>Password: <input type="password" name="password"></p>
<p><input type="submit" value="Login" ></p>
</form>

</div>

login_action.php 

<?php # PROCESS LOGIN ATTEMPT.

# Check form submitted.
if ( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )
{

//open the database connection
include'connect_db.php';
$input1 = $_POST['username'];

  # Get connection, load, and validate functions.
  require ( 'login_tools.php' ) ;

  # Check login.
  list ( $check, $data ) = validate ( $dbc, $_POST[ 'username' ], $_POST[ 'password' ] ) ;

$result1 = mysqli_query($dbc, "select users.userid, users.usertypeid, usertype.homepage from users  INNER JOIN usertype ON users.usertypeid = usertype.usertypeid  WHERE users.username = '$input1';") or die(mysqli_error ($dbc)) ;
  # On success set session data and display logged in page.
  if ( $check )  
  {
  while($row1 = mysqli_fetch_array($result1))
  {
    # Access session.
    session_start();
    $_SESSION[ 'userid' ] = $row1[ 'userid' ] ;
    $_SESSION[ 'username' ] = $data[ 'username' ] ;
    $_SESSION[ 'usertypeid' ] = $row1[ 'usertypeid'];
    $_SESSION['logged_in'] = true; 
    $_SESSION['last_activity'] = time(); 
    $_SESSION['expire_time'] = 30000;
    $_SESSION['homepage'] = $row1['homepage'];
    load ($row1['homepage']) ;
}
  }
  # Or on failure set errors.
  else { $errors = $data; } 

  # Close database connection.
  mysqli_close( $dbc ) ; 
}

# Continue to display login page on failure.
include ( 'login.php' ) ;

?>

login_tools.php 

<?php # LOGIN HELPER FUNCTIONS.

# Function to load specified or default URL.
function load( $page = 'login.php' )
{
  $url = 'http://' . $_SERVER[ 'HTTP_HOST' ] . dirname( $_SERVER[ 'PHP_SELF' ] ) ;
  # Remove trailing slashes then append page name to URL.
  $url = rtrim( $url, '/\\' ) ;
  $url .= '/' . $page ;
  # Execute redirect then quit.
  header( "$url" ) ;
  exit() ;
}

# Function to check email address and password. 
function validate( $dbc, $username = '', $password = '')
{
  # Initialize errors array.
  $errors = array() ; 

  # Check username field.
  if ( empty( $username ) ) 
  { $errors[] = 'Enter your username.' ; } 
  else  { $u = mysqli_real_escape_string( $dbc, trim( $username ) ) ; }

  # Check password field.
  if ( empty( $password ) ) 
  { $errors[] = 'Enter your password.' ; } 
  else { $p = mysqli_real_escape_string( $dbc, trim( $password ) ) ; }

  # On success retrieve user_id, user_name from 'users' database.
  if ( empty( $errors ) ) 
  {
    $q = "SELECT userid, username FROM users WHERE username='$u' AND pass=SHA1('$p')" ;  
    $r = mysqli_query ( $dbc, $q ) or die(mysqli_error ($dbc))  ;
    if ( @mysqli_num_rows( $r ) == 1 ) 
    {
      $row = mysqli_fetch_array ( $r, MYSQLI_ASSOC ) ;
      return array( true, $row ) ; 
    }
    # Or on failure set error message.
    else { $errors[] = 'Username and password not found.' ; }
  }
  # On failure retrieve error message/s.
  return array( false, $errors ) ; 
}

1 个答案:

答案 0 :(得分:0)

尝试将查询放在单独的字符串中然后运行它。这有助于您找到错误。

$query = "select users.userid, users.usertypeid, usertype.homepage from users  INNER JOIN usertype ON users.usertypeid = usertype.usertypeid  WHERE users.username = '$input1';";
$result1 = mysqli_query($dbc, $query);
if (!$result1) die("Tried executing: " . $query . ", but got error: " .   mysqli_error($dbc));

然后我将打印查询并在mysql控制台或Phpmysql SQL框中手动输入,以查看问题的确切位置。

相关问题
最新问题