我在这个问题上已经花了两天时间,但仍然找不出哪里做错了。我想创建一个简单的登录表单,系统中有一个普通用户和一个管理员。当我尝试以普通用户身份登录时,即使用户名和密码都正确,调试时也没有报错,页面仍然提示用户名和密码无效。
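<?php
// Harden the session cookie before the session is opened: keep it out of
// reach of page scripts and refuse session ids the server did not issue.
// ini_set() is used rather than session_start() options so the file keeps
// working on older PHP releases.
// NOTE(review): session.cookie_secure should also be enabled once the site
// is served over HTTPS only; it is left alone here because nothing in this
// file shows how the site is deployed.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_start();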
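/**
 * Open a PDO connection to the application's MySQL database.
 *
 * The connection is switched to exception error mode, so later query
 * failures raise PDOException instead of returning false.
 *
 * NOTE(review): the credentials below are the database superuser with an
 * empty password, embedded in source. They should come from configuration
 * outside the web root and belong to an account limited to what the site
 * needs.
 *
 * @return PDO
 * @throws RuntimeException when the connection cannot be established.
 */
function getDatabaseConnection() {
    $servername = "localhost";
    $username = "root";
    $password = "";
    $dbname = "Acme_jeux";
    try {
        $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
        // Make PDO raise exceptions on errors.
        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        return $conn;
    } catch (PDOException $e) {
        // The driver message can name the host, account and database, so it
        // goes to the server log instead of the response body.
        error_log("Database connection failed: " . $e->getMessage());
        // Previously the function printed the driver message and fell through
        // returning null, which made the caller fail on a null dereference.
        // The original exception is deliberately not chained: its trace
        // covers the PDO constructor call that received the credentials.
        throw new RuntimeException("Connection failed");
    }
}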
// Page-level error text, empty until something assigns a message to it.
$messageErreur = '';
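/**
 * Emit the document type, the opening <html> tag and the complete <head>.
 *
 * The title is HTML-encoded before it is written, so a caller that passes
 * text taken from a request or from the database cannot inject markup into
 * the head. Plain titles such as "Login" are written unchanged.
 *
 * @param string $titre Text for the <title> element.
 * @return void
 */
function teteHtml($titre) {
    // The page declares UTF-8 below, so encode against the same charset.
    $titreEchappe = htmlspecialchars((string) $titre, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<!DOCTYPE html>
<html>
<head>
<title><?php echo $titreEchappe ?></title>
<meta charset="UTF-8">
<link rel="stylesheet" href="CSS/Styles.css">
<script src="fonctions/javasc.js" type="text/javascript"></script>
</head>
<?php
}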
/**
 * Emit the page banner: the logo image, the opening wrapper <div> and
 * <body> tags, and a header holding the visitor counter.
 *
 * The wrapper <div> and <body> opened here are left open; nothing in this
 * function closes them.
 *
 * NOTE(review): the logo <img> and the wrapper <div> are written before
 * <body> opens, which is not the usual element order — confirm this is
 * intended.
 *
 * @param mixed $messageErreur Not read anywhere in this function body.
 * @return void
 */
function enTete($messageErreur) {
?>
<!--The logo image-->
<img src="image/logo.gif" alt="Smiley face" height="90" width="442" style="margin-left:400px;">
<br>
<br>
<div id="wrapper">
<body>
<header>
<p style="float:right;">visitors
<!--The The counter for the visitors -->
<?php
// Whatever counter.php prints is emitted inside the <p> opened above.
include 'counter.php';
?>
</p>
</header>
<br>
<br>
<!--The menu -->
<?php
}
?>
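<div id="mySidenav" class="sidenav">
<a href="index.php" id="Accueil">Accueil</a>
<a href="enregistrement.php" id="Enregistrement">Enregistrement</a>
<a href="achat.php" id="Jeux">Achat</a>
<a href="Parents.php" id="Parents">Parents</a>
<?php
// The login handler stores the signed-in name under "username", so testing
// only "uname" left the log-out entry hidden after a successful login.
// "uname" is still accepted in case another page sets the older key.
// NOTE(review): the <a> below is not a form control, so this form never
// submits a "deconnexion" field; presumably a submit button was intended —
// confirm against the page that handles the log-out request.
if (isset($_SESSION["username"]) || isset($_SESSION["uname"])) { ?>
<form action="index.php" method="POST">
<a name="deconnexion" style="width:auto;">Deconnexion</a>
</form>
<?php } else { ?>
<a href="login.php" id="login">Connection</a>
<?php } ?>
</div>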
<?php
////////Footer////////////////
/**
 * Emit the page footer and the closing tags of the document.
 *
 * Besides the <footer> element this writes a closing </div>, </body> and
 * </html>; the matching opening tags are written by enTete() and
 * teteHtml(), so the page is only well-formed when those ran first.
 *
 * @return void
 */
function footer() {
?>
<footer>
<div id="fot"></div>
</footer>
</div>
</body>
</html>
<?php
}
login.php:
<?php
include 'Fonctions/fonctions.php';

// Write the document head and the banner before any form handling runs.
teteHtml("Login");
enTete($messageErreur);

// Empty page-level defaults; nothing in this block fills them afterwards,
// so the echo of $loginError below always prints an empty string.
$username = $password = $loginError = "";

// Dispatch on which form field was posted: "login" starts the login
// handler, "deconnexion" the log-out handler, anything else does nothing.
if (isset($_POST["login"])) {
    createCookie();
    echo $loginError;
} elseif (isset($_POST["deconnexion"])) {
    deleteCookie();
}
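/**
 * Handle a submitted login form.
 *
 * Does nothing unless the "login" field was posted. Otherwise the posted
 * username and the salted SHA-512 digest of the posted password are passed
 * to the p_login stored procedure; a returned row signs the visitor in by
 * storing the username in $_SESSION["username"]. A failed attempt
 * increments $_SESSION["login_error"] and ends the request; once that
 * counter has reached 3 the request is refused before any check is made.
 *
 * Changes from the earlier version:
 *  - username and password must both be present and be strings; array or
 *    missing fields count as a failed attempt instead of raising notices;
 *  - the session id is replaced on success (when headers can still be
 *    sent), so an id planted before login is not carried into the
 *    authenticated session;
 *  - the leftover debug output of the failure counter is gone;
 *  - the built-in admin comparison is strict.
 *
 * @return void
 */
function createCookie() {
    if (!isset($_POST["login"])) {
        return;
    }

    // Refuse further attempts once this session has recorded three failures.
    // NOTE(review): the counter lives in the visitor's own session, so it
    // resets whenever the session cookie is discarded. A throttle that holds
    // needs a server-side counter kept per account and per client address.
    if (isset($_SESSION["login_error"]) && $_SESSION["login_error"] >= 3) {
        die("Several tries are forbidden!");
    }

    $username = isset($_POST["username"]) ? $_POST["username"] : null;
    $password = isset($_POST["password"]) ? $_POST["password"] : null;

    $authenticated = false;
    $sessionUser = "";

    // Request fields can arrive as arrays; only plain strings are checked.
    if (is_string($username) && is_string($password)) {
        $connection = getDatabaseConnection();

        // NOTE(review): a fixed salt embedded in source plus one SHA-512 pass
        // is a fast hash and gives every account the same salt. Stored
        // passwords should move to password_hash()/password_verify(); that
        // needs the stored values and p_login to change together, so it is
        // flagged here rather than changed.
        $salted = "wrntjkhn4wervfmm" . $password . "wo2i45djk";
        $hashed = hash('sha512', $salted);

        // Both values are bound parameters, never concatenated into the SQL.
        $stmt = $connection->prepare("CALL p_login(?,?)");
        $stmt->bindParam(1, $username);
        $stmt->bindParam(2, $hashed);
        $stmt->execute();

        $row = $stmt->fetch();
        if ($row) {
            $authenticated = true;
            $sessionUser = $row["username"];
        } else if ($username === "admin" && $password === "admin") {
            // NOTE(review): this is a hard-coded credential that bypasses
            // the database check. The admin account should be a row in the
            // users table and this branch removed; it is kept only so the
            // existing admin login keeps working until that is done.
            $authenticated = true;
            $sessionUser = "admin";
        }
    }

    if ($authenticated) {
        // The caller may already have produced page output; regenerating
        // needs to send a cookie header, so only attempt it while possible.
        if (!headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION["username"] = $sessionUser;
        return;
    }

    // Failed attempt: count it, warn on the third, and stop the request.
    $_SESSION["login_error"] = isset($_SESSION["login_error"])
        ? $_SESSION["login_error"] + 1
        : 1;
    if ($_SESSION["login_error"] >= 3) {
        echo "you put 3 times wrong password.";
    }
    die("password and username are invalid");
}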
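/**
 * Log the visitor out by discarding the session.
 *
 * session_destroy() alone removes the stored session data but leaves the
 * $_SESSION array filled for the rest of the request and leaves the session
 * cookie in the browser. This version empties the array, expires the cookie
 * when headers can still be sent, and then destroys the stored data. It does
 * not redirect.
 *
 * @return void
 */
function deleteCookie() {
    // Drop the in-memory copy so later code in this request sees no user.
    $_SESSION = array();

    // Expire the session cookie, reusing the parameters it was set with so
    // the browser matches and removes it.
    if (ini_get("session.use_cookies") && !headers_sent()) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }

    // Destroying a session that was never started only raises a warning.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_destroy();
    }
}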
// Render the login form markup. createCookie() above ends the request with
// die() on a locked or failed attempt, so in those cases this include is
// never reached and the form is not shown again.
include 'html/login.html';
?>
login.html:
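<!-- Login form posted to login.php. Labels are tied to their inputs, and the
     autocomplete hints let browsers and password managers fill the right fields.
     TODO(review): the form carries no anti-CSRF token field; the handler would
     need to issue one and verify it on submit. -->
<form method="POST" action="login.php" >
<label for="username"><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="username" id="username" autocomplete="username" required>
<label for="password"><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="password" id="password" autocomplete="current-password" required>
<button type="submit" name="login">Login</button>
<!--<input type="checkbox" checked="checked"> Remember me-->
<span>Forgot <a href="#">password?</a></span>
</form>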
存储过程p_login
BEGIN
select username, password from users
where username = p_username and password = p_password;
END