PHP code not echoing the ban line

Time: 2018-01-24 17:30:03

Tags: php sql if-statement echo

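OK, I'm making progress: since people tried to help me, I decided to rewrite my code so that it is cleaner, with fewer functions and less clutter.

This is not exactly a duplicate; it is a cleaner recode.

But the problem is my ban line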

echo '<div class="alert alert-block alert-danger fade in"><button type="button" class="close close-sm" data-dismiss="alert"><i class="fa fa-times"></i></button><strong>Oops!</strong> Your account has been banned. '.$ban.'</div>';

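It does not echo when a user is banned. When I log in to my website with a banned test account, it says:

Oops! Incorrect username or password entered!

Can someone help me solve this? My code is below, and it is cleaner so that it is easier to understand.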

<?php
if (!($user -> LoggedIn()))
{
    if (isset($_POST['logINBoss']))
    {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $errors = array();
        if (empty($username) || empty($password))
        {
            $errors[] = 'Please enter your username and password.';
        }
        if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 15)
        {
            $errors[] = 'Username must be 4-15 characters and alphanumeric only!';
        }

        if (empty($errors))
        {
            $captcha = htmlspecialchars($_POST["g-recaptcha-response"]);
            $secret = $odb->query("SELECT `google_secret` FROM `admin` LIMIT 1")->fetchColumn(0);
            $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secret."&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']);
            $response = json_decode($response);
            if (!$captcha || $response->success == false)
            {
                echo '<center><div class="alert alert-icon alert-danger alert-dismissible fade in" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><i class="mdi mdi-check-all"></i>Invalid Captcha Code Entered!</div></center>';
            }
            else 
            {
                $SQLCheckLogin = $odb -> prepare("SELECT COUNT(*) FROM `users` WHERE `username` = :username AND `password` = :password");
                $SQLCheckLogin -> execute(array(':username' => $username, ':password' => SHA1($password)));
                $countLogin = $SQLCheckLogin -> fetchColumn(0);
                if ($countLogin == 1)
                {
                    $SQLGetInfo = $odb -> prepare("SELECT `username`, `ID`,`status` FROM `users` WHERE `username` = :username AND `password` = :password");
                    $SQLGetInfo -> execute(array(':username' => $username, ':password' => SHA1($password)));
                    $userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
                    $status = $userInfo['status'];
                    $userid = $userInfo['ID'];
                    $userip = $_SERVER['REMOTE_ADDR'];
                    if ($status == 1)
                    {
                        $SQL = $odb->prepare("SELECT `reason` FROM `bans` WHERE `username` = :username");
                        $SQL->execute(array(':username' => $username));
                        $ban = $SQL->fetchColumn(0);
                        echo '<div class="alert alert-block alert-danger fade in"><button type="button" class="close close-sm" data-dismiss="alert"><i class="fa fa-times"></i></button><strong>Oops!</strong> Your account has been banned. '.$ban.'</div>';
                    }
                    elseif ($status == 0)
                    {
                        $username = $userInfo['username'];
                        $logAddr = $odb->prepare("INSERT INTO `loginip` (`username`,`ip`,`date`,`http_agent`) VALUES (:user, :ip, UNIX_TIMESTAMP(NOW()), :agent);");
                        $logAddr->execute(array( ":user" => $username, ":ip" => $_SERVER['REMOTE_ADDR'], ":agent" => $_SERVER['HTTP_USER_AGENT']));
                        $_SESSION['username'] = $userInfo['username'];
                        $_SESSION['ID'] = $userInfo['ID'];
                        echo '<div class="alert alert-block alert-success fade in"><button type="button" class="close close-sm" data-dismiss="alert"><i class="fa fa-times"></i></button><strong>Success!</strong> You have logged in successfully. Redirecting..
                              </div><meta http-equiv="refresh" content="3;url=index.php">';
                    }
                }
                else
                {
                    echo '<div class="alert alert-block alert-danger fade in"><button type="button" class="close close-sm" data-dismiss="alert"><i class="fa fa-times"></i></button><strong>Oops!</strong><br>Incorrect username or password entered!</div>';
                }
            }
        }
    }
}
?>

0 answers:

No answers