如何成功登录?

时间:2018-04-28 06:13:35

标签: php html mysql forms login

的index.php 

    <!DOCTYPE HTML>  
     <html>
   <head>
    <style>
  .error {
 color:red;
   }

  .button {
  background-color: #4CAF50;
   border: none;
    color: white;
 padding: 10px 25px;
text-align: center;
text-decoration: none;
display: inline-block;
font-size: 16px;
margin: 4px 2px;
cursor: pointer;
     }
  .div1 {
background-color: #f2f2f2;
margin-top: -19px;
margin-bottom: -25px;
margin-left: -19px; 
  }

 .copy {
 border-radius: 4px;
 padding: 6px 20px;
  border-style: ridge;
   }

  .copy1{
 border-radius: 4px;
 padding: 6px 28px;
 border-style: ridge;
   }

    .copy2{
  border-radius: 4px;
  padding: 4px 2px;

  }
   </style>
  </head>
   <body>  

  <?php
   // define variables and set to empty values
   include_once 'connect.php';
  $nameErr = $emailErr = $usernameErr = $passwordErr = $DateOfBirthErr = 
    $departmentErr = $ageErr = "";
    $name = $email = $username = $password = $DateOfBirth = $department = 
   $age = "";

    if (isset($_POST['submit'])) {
   if (empty($_POST["name"])) {
     $nameErr = "Name is required";
    } else {
     $name = test_input($_POST["name"]);
   // check if name only contains letters and whitespace
    if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
   $nameErr = "Only letters and white space allowed"; 
     }
       }

    if (empty($_POST["email"])) {
     $emailErr = "Email is required";
       } else {
      $email = test_input($_POST["email"]);
        // check if e-mail address is well-formed
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $emailErr = "Invalid email format"; 
       }
    }

    if (empty($_POST["username"])) {
     $usernameErr = "Username is required";
      } else {
     $username = test_input($_POST["username"]);
    // check if name only contains letters and whitespace
   if (!preg_match("/^[a-zA-Z ]*$/",$username)) {
   $usernameErr = "Only letters and white space allowed"; 
       }
       }

     if (empty($_POST["password"])) {
     $passwordErr = "Password is required";
    } else {
     $password = test_input($_POST["password"]);
    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
  // check weather password is alphanumeric
    if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{6,}$/', 
  $password))
    {
$passwordErr = "Password must be alphanumeric and atleast 6 characters 
   long!";
   }
  }

    if (empty($_POST["Date_of_birth"])) {
    $DateOfBirthErr = "Date Of Birth is required";
   } else {
  $DateOfBirth = test_input($_POST["Date_of_birth"]);
    }

   if (empty($_POST["department"])) {
    $departmentErr = "Department is required";
   } else {
   $department = test_input($_POST["department"]);
     }

   if (empty($_POST["age"])) {
        $ageErr = "Age is required";
      } else {
        $age = test_input($_POST["age"]);
  }

   if($nameErr == "" && $emailErr == "" && $usernameErr == "" && 
  $passwordErr == "")
    { 
  $check="SELECT * FROM users WHERE username = '$_POST[username]'";
     $rs = mysqli_query($mysqli,$check);
  $da = mysqli_fetch_array($rs, MYSQLI_NUM);
 if($da[0] > 0) {
 echo "Username Already in Exists<br/>";
 }

   else
{
      $sql = "INSERT INTO users(`id`,`username`, `password`, `email` , 
    `name` , `Date_of_birth` , `department` ,`age`)
         VALUES ('','".$username."', '".$hashed_password."', '".$email."' , 
 '".$name."' , '".$DateOfBirth."' , '".$department."' , '".$age."')";

    if (mysqli_query($mysqli, $sql)) {
    echo "Registered successfully";
    } else {
    echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
    } 
    mysqli_close($mysqli);
   }
  }

  }

   function test_input($data) {
   $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
     return $data;
   }
   ?>

  <div style="padding-left: 250px" class="div1">
  <h2 style="color:#009999">Registration Form :</h2>
  <p><span class="error">All fields are required </span></p>
  <form method="post" action="">  
    <span style="color:#0099ff">Name: </span>
  <input type="text" name="name" class= "copy" style="margin-left: 52px">
 <span class="error"> <?php echo $nameErr;?></span>
 <br><br>
 <span style="color:#0099ff"> E-mail: </span>
 <input type="text" name="email" class= "copy" style="margin-left: 48px">
 <span class="error"><?php echo $emailErr;?></span>
 <br><br>
  <span style="color:#0099ff"> Username: </span>
 <input type="text" name="username"  class= "copy" style="margin-left:26px">
   <span class="error"> <?php echo $usernameErr;?></span>
   <br><br>
  <span style="color:#0099ff"> Password: </span>
    <input type="password" name="password"  class= "copy" style="margin- 
    left:30px">
  <span class="error"> <?php echo $passwordErr;?></span>
  <br><br>
   <span style="color:#0099ff"> Date Of Birth : </span>
      <input type="date" class= "copy1" name="Date_of_birth">
      <span class="error"> <?php echo $DateOfBirthErr;?></span>
    <br><br>
 <span style="color:#0099ff">  Age : </span>
    <input type="number" name="age"  class= "copy" style="margin-left:62px">
    <span class="error"> <?php echo $ageErr;?></span>
      <br><br>
    <span style="color:#0099ff">  Department : </span>
 <select name="department"  class= "copy2" style="margin-left:14px">
   <option value="EE">Electrical & Electronics</option>
  <option value="EC">Electronics & Communication</option>
  <option value="ME">Mechanical</option>
  <option value="CS">Computer Science</option>
  <option value="CV">Civil</option>
    <option value="IS">Information Science</option>
   </select>
 <span class="error"> <?php echo $departmentErr;?></span>
    <br><br>
 <input type="submit" class="button" name="submit" value="Register">  
 <p style="color:black">Already Registered? <a href="login.php">Login</a>. 
 </p>
    </form>
     </div>
    </body>
    </html>

的login.php 

 <?php
   include_once 'connect.php';
 session_start();

 if($_SERVER["REQUEST_METHOD"] == "POST") {
   // username and password sent from form 

   $myusername = mysqli_real_escape_string($mysqli,$_POST['username']);
   $mypassword = mysqli_real_escape_string($mysqli,$_POST['password']); 

   $sql = "SELECT * FROM users WHERE username = '$myusername' and password = 
  '$mypassword'";
   $result = mysqli_query($mysqli,$sql);
  $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
  $active = $row['active'];

    $count = mysqli_num_rows($result);

  // If result matched $myusername and $mypassword, table row must be 1 row

    if($count == 1) {
     session_register("myusername");
     $_SESSION['login_user'] = $myusername;

     header("location: welcome.php");
  }else {
     $error = "Your Login Name or Password is invalid";
     }
      }
   ?>
  <html>

  <head>
  <title>Login Page</title>

     <style type = "text/css">
      body {
        font-family:Arial, Helvetica, sans-serif;
        font-size:14px;
     }
     label {
        font-weight:bold;
        width:100px;
        font-size:14px;
     }
     .box {
        border:#666666 solid 1px;
     }
       </style>

   </head>

      <body bgcolor = "#FFFFFF">

  <div align = "center">
     <div style = "width:300px; border: solid 1px #333333; " align = "left">
        <div style = "background-color:#333333; color:#FFFFFF; 
      padding:3px;"><b>Login</b></div>

         <div style = "margin:30px">

           <form action = "" method = "post">
              <label>UserName  :</label><input type = "text" name = 
      "username" class = "box"/><br /><br />
              <label>Password  :</label><input type = "password" name = 
     "password" class = "box" /><br/><br />
              <input type = "submit" value = " Submit "/><br />
           </form>

           <div style = "font-size:11px; color:#cc0000; margin-top:10px"><? 
    php echo $error; ?></div>

        </div>

        </div>

         </div>

       </body>
  </html>

的welcome.php 

  <?php
   include_once 'session.php';

   ?>
  <html>

 <head>
  <title>Welcome </title>
  </head>

 <body>
  <h1>Welcome <?php echo $login_session; ?></h1> 
  <h2><a href = "logout.php">Sign Out</a></h2>
  </body>

   </html>

logout.php 

     <?php
     session_start();

     if(session_destroy()) {
     header("Location: login.php");
      }
     ?>

session.php文件

    <?php
   include_once 'connect.php';
    session_start();

  $user_check = $_SESSION['login_user'];

      $ses_sql = mysqli_query($mysqli,"select username from users where username = 
   '$user_check' ");

     $row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);

     $login_session = $row['username'];

    if(!isset($_SESSION['login_user'])){
  header("location:login.php");
   }
   ?>

connect.php 

      <?php


 $databaseHost = 'localhost';
   $databaseName = 'amith';
$databaseUsername = 'root';
 $databasePassword = '';

   $mysqli = mysqli_connect($databaseHost, $databaseUsername, 
    $databasePassword, $databaseName);

  ?>

我正在创建一个简单的php注册表单和一个登录表单。     我已经完成了注册表格,并且运作良好,但现在之后     填写注册表后,当他们尝试登录他们的页面时,它应该成功登录      但我无法得到这个想要的结果,即使很难,我也有相同的用户名和相同的密码      在注册时在数据库中但仍然在我尝试使用这些用户名和密码登录时      我无法登录,任何人都可以指导我对上述代码应该做些什么更改     以便获得我的结果

1 个答案:

答案 0 :(得分:0)

您在注册时使用public class Calculator { public static void main(String[] args) { Calculator c = new Calculator(); } public Calculator() { JFrame frame = new JFrame("Calculator"); frame.setSize(800, 800); frame.setResizable(false); Buttons b = new Buttons(); Display d = new Display(); frame.setLayout(new GridLayout(2, 1)); frame.add(d); frame.add(b); frame.setVisible(true); } public class Buttons extends JPanel implements ActionListener { private int z; public JButton[] buttons; public Display d;`enter code here` public String[] values; public String clickedButton; public Buttons() { setBackground(Color.BLACK); setLayout(new GridLayout(5, 4)); values = new String[100]; for(int i = 0; i < values.length; i++) { values[i] = new String(""); } addButtons(); } public void addButtons() { Font courier = new Font("Courier", Font.BOLD, 20); buttons = new JButton[20]; for(int i = 0; i < buttons.length; i++) { buttons[i] = new JButton(Integer.toString(i)); buttons[i].setBackground(Color.BLUE); buttons[i].setForeground(Color.WHITE); buttons[i].setFont(courier); buttons[i].setFocusable(false); buttons[i].addActionListener(this); buttons[i].setBorder(BorderFactory.createLineBorder(new Color(0, 100, 175, 255))); add(buttons[i]); } buttons[10].setVisible(false); buttons[10].setEnabled(false); buttons[11].setVisible(false); buttons[11].setEnabled(false); buttons[12].setText("C"); buttons[13].setText("+"); buttons[14].setText("-"); buttons[15].setText("*"); buttons[16].setText("/"); buttons[17].setText("+/-"); buttons[18].setText("^"); buttons[19].setText("="); } public void actionPerformed(ActionEvent e) { String action = e.getActionCommand(); d = new Display(); for(int i = 0; i < 10; i++) { if(action.equals(Integer.toString(i))) { values[d.i]+=Integer.toString(i); System.out.println("should be repainting"); d.repaint(); } } } } public class Display extends JPanel { public Buttons b; public Font courier; public int i; public Display() { i = 0; b = new Buttons(); setBackground(Color.BLACK); courier = new Font("Courier", Font.BOLD, 50); } public void paintComponent(Graphics g) { super.paintComponent(g); g.setColor(Color.BLUE); g.setFont(courier); g.drawString(b.values[i], 50, 50); repaint(); } } } 插入密码。然后您需要使用password_hash()验证密码。 使用这样的密码匹配或不匹配

password_verify()

您的登录代码

if(password_verify($password, $hashed_password)) {
    // If the password inputs matched the hashed password in the database
    // Do something, you know... log them in.
}

使用准备好的声明。因为你的代码是开放的SQL注入攻击。

相关问题
最新问题