即使在表格中创建了帐户,我也无法使用它登录,在输入新建帐户后,我收到“错误的用户名或密码”错误消息。试图运行查询,它只会在</body>
</html>
结束,我在这里做错了什么?也许它与数据库中的某些东西有关,请指教。
login.php文件
if($count !== 1) echo '<div class="alert alert-danger">Wrong Username or Password</div>';
index.js文件
session_start();
include("connection.php");
$missingEmail = '<p><stong>Please enter your email address!</strong></p>';
$missingPassword = '<p><stong>Please enter your password!</strong></p>';
if(empty($_POST["loginemail"])){
$errors .= $missingEmail;
}else{
$email = filter_var($_POST["loginemail"], FILTER_SANITIZE_EMAIL);
}
if(empty($_POST["loginpassword"])){
$errors .= $missingPassword;
}else{
$password = filter_var($_POST["loginpassword"], FILTER_SANITIZE_STRING);
}
if($errors){
$resultMessage = '<div class="alert alert-danger">' . $errors .'</div>';
echo $resultMessage;
}else{
$email = mysqli_real_escape_string($link, $email);
$password = mysqli_real_escape_string($link, $password);
$password = hash('sha256', $password);
$sql = "SELECT * FROM users WHERE email='$email' AND password='$password' AND activation='activated'";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">Error running the query!</div>';
exit;
}
$count = mysqli_num_rows($result);
//If email & password don't match print error
if($count !== 1){
echo '<div class="alert alert-danger">Wrong Username or Password</div>';
}
else {
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
$_SESSION['user_id']=$row['user_id'];
$_SESSION['username']=$row['username'];
$_SESSION['email']=$row['email'];
}
}
}
答案 0 :(得分:0)
从我可以看到你有$errors .= $missingPassword;
因为$errors
变量尚未创建,它会导致错误,因为你已经尝试在错误检查器上连接它。
您可以通过首先使用空值指定错误变量来修复该部分。
$errors = '';
if(empty($_POST["loginemail"])){
$errors .= $missingEmail;
} else {
$email = filter_var($_POST["loginemail"], FILTER_SANITIZE_EMAIL);
}
if(empty($_POST["loginpassword"])) {
$errors .= $missingPassword;
} else {
$password = filter_var($_POST["loginpassword"], FILTER_SANITIZE_STRING);
}