当用户被禁止时,它会发出错误的通知

时间:2018-01-24 12:57:40

标签: php echo

当用户被禁止时,它应该回应出被禁止的回声,但它反映了失败的登录回声,在线路的某处,如果有人可以帮助我,那么我就会搞砸了

我的PHP代码如下。

<?php
          if (!($user -> LoggedIn()))
          {
            if (isset($_POST['logINBoss']))
                    {
                        $captcha = htmlspecialchars($_POST["g-recaptcha-response"]);
                        $secret = $odb->query("SELECT `google_secret` FROM `admin` LIMIT 1")->fetchColumn(0);
                        $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secret."&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']);
                        $response = json_decode($response);
                        if (!$captcha || $response->success == false)
                        {
                        echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Invalid Captcha Code Entered!</div></center>';
                        } else {
                        $username = htmlspecialchars($_POST['username']); 
                        $password = htmlspecialchars($_POST['password']);
              $Errors = array();
              if (!ctype_alnum($username) || strlen($username) < 1 || strlen($username) > 15)
              {
                $Errors[] = '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Username Must Be  Alphanumberic And 4-15 characters in length</div></center>';
              }
              if (empty($username) || empty($password))
              {
                $Errors[] = '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Fill in all fields</div></center>';
              }
              if (empty($Errors))
              {
        $SQLCheckLogin = $odb->prepare("SELECT COUNT(*) FROM `users` WHERE `username` = :username AND `password` = :password");
        $SQLCheckLogin -> execute(array(':username' => $username, ':password' => SHA1($password)));
        $countLogin = $SQLCheckLogin -> fetchColumn(0);
        if ($countLogin == 1)
        {
            $SQLGetInfo = $odb->prepare("SELECT `username`, `ID`, `status` FROM `users` WHERE `username` = :username AND `password` = :password");
            $SQLGetInfo -> execute(array(':username' => $username, ':password' => SHA1($password)));
            $userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
        if ($countLogin == 1)
        {
        $SQL = $odb->prepare("SELECT `status` FROM `users` WHERE `username` = :username");
        $SQL->execute(array(':username' => $username));
        $status = $SQL->fetchColumn(0);
        if($status == 1)
        {
        $SQL = $odb->prepare("SELECT `reason` FROM `bans` WHERE `username` = :username");
        $SQL->execute(array(':username' => $username));
        $ban = $SQL->fetchColumn(0);
        die('<span style="color:red;">You are banned. Reason:</span> ' . htmlspecialchars($ban)); 
        }
                $logAddr = $odb->prepare("INSERT INTO `loginip` (`username`,`ip`,`date`,`http_agent`) VALUES (:user, :ip, UNIX_TIMESTAMP(NOW()), :agent);");
                $logAddr->execute(array( ":user" => $username, ":ip" => $_SERVER['REMOTE_ADDR'], ":agent" => $_SERVER['HTTP_USER_AGENT']));
                $_SESSION['username'] = $userInfo['username'];
                $_SESSION['ID'] = $userInfo['ID'];
                echo '<center><div class="alert alert-icon alert-success alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>You have been logged in successfully..</div></center><meta http-equiv="refresh" content="3;url=index.php">';
                  }
                  else
                  {
                  echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>You are banned for Reason...</div></center>';        
                  }
                  }
                else
                {
                  echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Login Failed!!</div></center>';
                }
              }
              else
              {
                  echo '';
                foreach($Errors as $Error)
                {
                  echo ''.htmlspecialchars($Error).'';
                }
                echo '</div>';
              }
            }
          }
          }
          ?>

它应该回应这个

                      echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>You are banned for Reason...</div></center>';

对于被禁止的用户。

但相反,我不知道为什么。

 echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Login Failed!!</div></center>';

但有没有人可以看到问题的帮助,甚至可以让我对其进行纠正。

2 个答案:

答案 0 :(得分:0)

我认为一定是

if ($status[0] == 1) {
// code
}

答案 1 :(得分:0)

将此行放在if

之外 
$SQL = $odb->prepare("SELECT `status` FROM `users` WHERE `username` = :username");
        $SQL->execute(array(':username' => $username));
        $status = $SQL->fetchColumn(0);

而在其他部分,whaich说登录失败了吗

else // else for login failed
{

if($status == 1)
        {
        $SQL = $odb->prepare("SELECT `reason` FROM `bans` WHERE `username` = :username");
        $SQL->execute(array(':username' => $username));
        $ban = $SQL->fetchColumn(0);
echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>You are banned for Reason...</div></center>';        
        die('<span style="color:red;">You are banned. Reason:</span> ' . htmlspecialchars($ban)); 
        }  

                  echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Login Failed!!</div></center>';
                }

您还尝试为有效用户打印禁止

相关问题
最新问题