我最近使用了http://tutsforweb.blogspot.co.uk/2012/05/registration-system-with-email.html的教程。我在我的用户表中添加了一个名为'com_code'的新字段,并将默认值定义为NULL。
confirm.php和registeraction.php都工作,因为当用户注册时,passkey变量被插入到数据库的com_code字段中,当他们点击电子邮件中的验证链接时,com_code字段是然后设置为NULL。
我的问题是当这个用户登录时,会出现一个空白页(其中url卡在loginaction.php处理表单的位置)。我在loginaction.php代码中出错的任何想法?我是PHP的新手,所以尽可能多的解释会很棒!!
loginaction.php
<?php require 'config/init.php';
// Get the data collected from the user and database
$email = trim($_POST["email"]);
$password = trim($_POST["password"]);
//Check for errors
if (empty($email) or empty($password)) {
$_SESSION["message"] = "Must enter Email and Password ";
header("Location: login.php"); //Redirection information
exit ;//Ends the script
}
$email = strip_tags($email);
$password = strip_tags($password);
$pwd = $_POST["password"];
$sql = "SELECT * FROM user WHERE email='$email' AND com_code is NULL";
$result = mysqli_query($mysqli,$sql)or die(mysqli_error());
if ($result->num_rows === 1) {
$row = $result->fetch_array(MYSQLI_ASSOC);
if (password_verify($pwd, $row['password'])) {
$_SESSION["authenticatedUserEmail"] = $email;
$_SESSION["unauthenticatedAdmin"] = $_SESSION['usertype'] == '0';
//We could also use information drawn from the database eg ID
$_SESSION['id'] = $row['id'];
$_SESSION['first_name'] = $row['first_name'];
$_SESSION['last_name'] = $row['last_name'];
$_SESSION['password'] = $row['password'];
$_SESSION['username'] = $row['username'];
$_SESSION['usertype'] = $row['usertype'];
$_SESSION['email'] = $row['email'];
if ($_SESSION['usertype'] == '1') {
header("Location: admin.php");
} else {
header("Location: profile.php");
}
}
else {
//Login was unsuccessful
$_SESSION["message"] = "Could not login as $email";
header("Location: login.php"); //Go back to the login pages
}
}//End else
?>