我正在网站上工作。但是,我有一个问题,当我填写我的登录表单时,它会卡在加载页面上。并且似乎没有在用户列表中搜索注册用户。
我是新手,请耐心等待。
以下是LoginForm.php
<form name="login" method="post" action="login.php" onsubmit="return
validate();" >
<div>Username: </br><input type="text" name="user" /> </div>
</br>
<div>Password: </br><input type="password" name="pass" /> </div>
</br>
<div><input type="submit" value="Login" style="background-color: #1daa87;
border: none; color: black; padding: 8px 52px;"></input> <input
type="reset" value="Reset" style="background-color: #1daa87; border: none;
color: black; padding: 8px 52px;"></input></div>
</form>
以下是login.php
<?php
include_once ("dbconnection.php");
session_start(); //always start a session in the beginning
if ($_SERVER['REQUEST_METHOD'] == 'GET')
{
if (empty($_GET['user']) || empty($_GET['pass'])) //Validating inputs using
PHPcode
{
echo "Incorrect username or password";
// header("location: LoginForm.php");//You will be sent to Login.php for re-
login
}
$userName = $_GET["user"]; // as the method type in the form is "post" we
areusing $_POSTotherwiseitwouldbe $_GET[]$password = $_GET["pass"];
$stmt = $db->prepare("SELECT USER, PASS FROM WEBSITEUSERS WHERE USER = ?");
// Fetching all the records with input credentials
$stmt->bind_param("s", $username); //You need to specify values to each '?'
explicitly
while usingpreparedstatements $stmt->execute();
$stmt->bind_result($UsernameDB, $PasswordDB); // Binding i.e. mapping
databaseresultstonew variables
// Compare if the database has username and password entered by the user.
Passwordhastobedecrpted
while comparing .
if ($stmt->fetch() && password_verify($password, $PasswordDB))
{
$_SESSION['user'] = $userName; //Storing the username value in session
variablesothatitcanberetrievedonotherpagesheader("location: userprofile.php"); // user will be taken to profile page
}
else
{
echo "<br />Incorrect username or password";
?>
<br /><a href="LoginForm.php">Login</a>
<?php
}
}
?>
下面是dbconnection.php
<?php
//Establishing connection with the database
define('DB_HOST', 'localhost');
define('DB_NAME', '');
define('DB_USER', '');
define('DB_PASSWORD', '');
define('DB_DATABASE', 'WebsiteUsers');
$db = mysqli_connect(DB_HOST,DB_NAME,DB_PASSWORD,DB_USER);
?>
以下是userprofile.php
<?php
session_start();
$username = $_SESSION['user']; //retrieve the session variable
?>
<center><h1>User Profile </h1></center>
<br/>
<b>Welcome <?php
echo $user ?> </b>
<div style="text-align: right"><a href="logout.php">Logout</a></div> <!--
calling Logout.php to destroy the session -->
<?php
if (!isset($_SESSION['user'])) //If user is not logged in then he cannot
accesstheprofilepage
{
// echo 'You are not logged in. <a href="login.php">Click here</a> to log
in .;
header("location:LoginForm.php");
}
?>
您可以尝试[test.laveshpillay.com/LoginForm.php] [1]的登录表单
您可以输入任何值,它会将您带到加载屏幕而不进行验证,它将保留在 login.php 表单
如果您需要代码的任何其他部分,请告诉我。
答案 0 :(得分:0)
更改login.php
文件中的以下内容并尝试:
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST'){//Made change here
use `$_REQUEST` instead of `$_GET`.
//Your logic comes here.
}
?>