帮助显示主页上的登录错误

时间:2017-04-09 20:46:16

标签: php html authentication mysqli login

我正在测试我正在构建的学习计划者的登录系统。至于现在,该应用程序似乎让我登录和注销好,但我当前的问题是它不会在index.php上显示错误消息($error变量)(它们在login.php文件)应该是什么时候。所以,我想知道是否有人能指出我正确的方向,因为我似乎无法弄清楚我做错了什么。

我可以发布整个文件,但除了我不想淹没潜在助手的事实外,我已经包含了我认为最重要的文件,即login.php和index.php但是如果需要,我也可以包括其他人。

提前感谢你。

的login.php:

<?php

// Start session
session_start();
// Variable to store error message
$error = '';
// If the login form (Note that the 'submit' refers to the 'name' attribute of the login form) has been submitted...
if (isset($_POST['submit'])) {
    // If username or password is not provided...
    if (empty($_POST['username']) || empty($_POST['password'])) {
        // ...tell user that login details are invalid.
        $error = "Please fill in both your username and your password";
        // Else...
    } else {
        // ...put the provided username and password in variables $username and $password, respectively
        $username = $_POST['username'];
        $password = $_POST['password'];
        // Establish connection to the server
        $mysqli = mysqli_connect("localhost", "root", "");
        // set up measures to counter potential MySQL injections
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username = mysqli_real_escape_string($mysqli, $username);
        $password = mysqli_real_escape_string($mysqli, $password);
        // Select Database
        $db = mysqli_select_db($mysqli, "p00702");
        // SQL query to fetch information of registerd users and find user match.
        $query = mysqli_query($mysqli, "SELECT * from logins WHERE password='$password' AND username='$username'");
        // Return the number of rows of the query result and put it in $rows variable
        $rows = mysqli_num_rows($query);
        // If rows are equal to one...
        if ($rows == 1) {
            // Initialize session with the username of the user...
            $_SESSION['login_user'] = $username;
            // ...and redirect to the homepage.
            header("Location: welcome.php");
            // Make sure that codes below do not execut upon redirection.
            exit;
        // Else, 
        } else {
            // redirect user to the home page (index.php)
            header("Location: index.php");
            // and tell user that the login credentials are invalid.
            $error = "Username or Password is invalid";
        }
        // ...and close connection
        mysqli_close($mysqli);
    }
}

的index.php:

<?php
include ('login.php');
?>

<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <link rel="shortcut icon" type="image/png" href="/images/favicon.png"/>
        <title>Just-Read</title>
        <link rel="stylesheet" type="text/css" href="css/styles.css">
    </head>
    <body>
        <!-- Link to external JavaScript file -->
        <script src="javascript/validator.js"></script>
        <div id="container">
            <div id="header">
                <!-- Web site Logo -->
                <div class="logo">
                    <img src="images/logo.png" width="128" height="93.5" alt="Logo" class="logo"/>
                </div>
                <div id="logoText">
                    <h1>Just Read</h1>
                </div>
                <div id="registerLink">
                    <!-- Registration link -->
                    <h5>New around here? <a href="registration.php">Register</a></h5>
                </div>
            </div>
            <div id="leftColumn">
                <h4>Your study companion</h4>
            </div>
            <div id="rightColumn">
                <!-- Authentication Form -->
                <form name="authentication" action="login.php"  autocomplete="on" method="POST">
                    <div class="login">
                        <label><b>Username*</b></label>
                        <input type="email" id="username" name="username" placeholder="Enter your email" autofocus value=""/>
                        <label><b>Password*</b></label>
                        <input type="password" id="password" name="password" placeholder="Enter your password" value=""/>
                        <button name="submit" type="submit">Log in</button>
                        <div id="mandatoryFields">
                            <h4>* Mandatory Fields</h4>
                        </div>
                    </div>
                    <span>
                        <?php
                        echo $error;
                        ?>
                    </span>
                </form>
            </div>
            <div id="footer">
                <div id="footerText">
                    Copyright &copy; 2017, Chizzy Meka.
                </div>
            </div>
        </div>
    </body>
</html>

2 个答案:

答案 0 :(得分:2)

解决方案1:

您可以在error的网址中发送edit.php,并在index.php上发现错误,如下所示:

<强> Edit.php 

header("Location: index.php?error=" . $error);

<强>的index.php 

<?php echo isset($_GET['error']) ? $_GET['error'] : ""; ?>

解决方案2:

你可以在edit.php的session varialbe中存储错误,并在index.php上捕获错误,如下所示:

<强> Edit.php 

$error = "Username or Password is invalid";
$_SESSION['error'] = $error;
// redirect user to the home page (index.php)
header("Location: index.php");

<强>的index.php 

<?php echo isset($_SESSION['error']) ? $_SESSION['error'] : ""; ?>

如果$_SESSION['error']

,请务必取消设置$rows == 1 
if ($rows == 1) {
    unset($_SESSION['error']);

答案 1 :(得分:1)

您可以针对错误初始化 array并抓取其中的所有errors,然后通过array 循环echo例如:

$errors = [];
if(empty username or password) {
  $errors[] = 'username or email could not be empty';
}
if(username or password) {
 $errors[] = 'Username or Password is invalid';
}
// add all your conditions and get all errors

然后你可以检查错误数组中是否有错误

if(count($errors)) {
  $errors_ul = '<ul>';
  foreach($errors as $error) {
    $errors_ul .= '<li>'.$error.'</li>'; 
  }

  $errors_ul .= '</ul>';

  echo $errors_ul;

} else {
  // log the user in
}
相关问题
最新问题