可能重复:
Login script problem
如果我输入loginchk.php的URL我应该得到“你错误来到这里,不是吗?”但我得到“你没有填写必填字段”。请帮忙:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" >
<head>
<title>Login | JM Today </title>
<link href="Mainstyles.css" type="text/css" rel="stylesheet" />
</head>
<body>
<div class="container">
<?php include("header.php"); ?>
<?php include("navbar.php"); ?>
<?php include("cleanquery.php") ?>
<div id="wrap">
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
$conn=mysql_connect("localhost", "***", "***") or die(mysql_error());
mysql_select_db('jmtdy', $conn) or die(mysql_error());
if(( strlen($_POST['user']) >0) && (strlen($_POST['pass']) >0) && isset($_POST['sublogin'])) {
checklogin($_POST['user'], $_POST['pass']);
}
elseif(( strlen($_POST['user']) == 0) || (strlen($_POST['pass']) == 0) && isset($_POST['sublogin'])){
echo '<p class="statusmsg">You didn\'t fill in the required fields.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";
return;
}
else{
echo '<p class="statusmsg">You came here by mistake, didn\'t you?</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";
return;
}
function checklogin($username, $password){
$username=mysql_real_escape_string($username);
$password=mysql_real_escape_string($password);
$result=mysql_query("select * from users where username = '$username'");
if($result != false){
$dbArray=mysql_fetch_array($result);
$dbArray['password']=mysql_real_escape_string($dbArray['password']);
$dbArray['username']=mysql_real_escape_string($dbArray['username']);
if(($dbArray['password'] != $password ) || ($dbArray['username'] != $username)){
echo '<p class="statusmsg">The username or password you entered is incorrect. Please try again.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">";
return;
}
$_SESSION['username']=$username;
$_SESSION['password']=$password;
if(isset($_POST['remember'])){
setcookie("jmuser",$_SESSION['username'],time()+60*60*24*356);
setcookie("jmpass",$_SESSION['username'],time()+60*60*24*356);
}
}
else{
echo'<p class="statusmsg"> The username or password you entered is incorrect. Please try again.</p><br/>input type="button" value="Retry" onClick="location.href='."'login.php'\">";
return;
}
}
?>
</div>
<br/>
<br/>
<?php include("footer.php") ?>
</div>
</body>
</html>
答案 0 :(得分:3)
strlen($_POST['user']) == 0
true,评估为$_POST,则应将其替换为
isset($_POST['user']) && empty($_POST['user'])
答案 1 :(得分:1)
检查此行的问题:
elseif(( strlen($_POST['user']) == 0) || (strlen($_POST['pass']) == 0) && isset($_POST['sublogin'])){
AND(&amp;&amp;)在OR(||)之前进行评估,因此表达式的计算结果为true。请查看http://php.net/manual/en/language.operators.precedence.php以供参考。
您实际需要的是用户/传递部分周围的另一组括号:
elseif(( ( strlen($_POST['user']) == 0) || (strlen($_POST['pass']) == 0) ) && isset($_POST['sublogin'])){
或者为什么不检查$ _POST ['sublogin']是否在设置用户/传递数据之前设置?