控制电子邮件登录

时间:2019-05-21 16:14:33

标签: php

我在此表单上有一个小问题,我希望也可以在用户的​​电子邮件中进行检查,而不仅仅是密码。 因为现在他的行为是在数据库中注册了电子邮件的情况下,但是密码不正确会留下一条错误消息,但是如果电子邮件不正确,则不会发出任何检查。

我还想附上一封电子邮件支票

<?php ob_start(); session_start(); ?>
<?php
$messaggio = "";
if (isset($_POST['submit'])) 
{
    include 'connection/cnt.php';
    $email = $connessione->real_escape_string($_POST['email']);
    $password = $connessione->real_escape_string($_POST['password']);
    $query = $connessione->query("SELECT *FROM collaboratori WHERE email='$email'");

    if ($query->num_rows > 0) 
    {
        $data = $query->fetch_array();
        if (password_verify($password, $data['password'])) {
        $_SESSION['collaboratore'] = $data['ID_Collaboratore'];
        ?>
        <script type="text/javascript">
        window.location = "home.php";
        </script>   
        <?php   
    }
    else
        $messaggio = "Please check your inputs!";

    }
}
?>

1 个答案:

答案 0 :(得分:0)

帖子中的缩进具有误导性。 else看起来与if ($query->num_rows > 0)一起使用,但实际上与if (password_verify($password, $data['password'])一起使用。

您需要else块来进行$query_num_rows检查。

您也不应该转义密码,因为您没有在SQL查询中使用该密码(除非您在保存密码时在调用password_hash()之前犯了转义密码的错误)。

<?php ob_start(); session_start(); ?>
<?php
$messaggio = "";
if (isset($_POST['submit'])) 
{
    include 'connection/cnt.php';
    $email = $connessione->real_escape_string($_POST['email']);
    $password = $_POST['password'];
    $query = $connessione->query("SELECT *FROM collaboratori WHERE email='$email'");

    if ($query->num_rows > 0) 
    {
        $data = $query->fetch_array();
        if (password_verify($password, $data['password'])) {
            $_SESSION['collaboratore'] = $data['ID_Collaboratore'];
            ?>
            <script type="text/javascript">
            window.location = "home.php";
            </script>   
            <?php   
        } else {
            $messaggio = "Please check your inputs!";
        }
    } else {
        $messaggio = "Please check your inputs!";
    }
}
?>

您还可以通过组合分配和检查来简化它。无需测试num_rows -如果没有匹配的行$query->fetch_array()将返回FALSE

<?php ob_start(); session_start(); ?>
<?php
$messaggio = "";
if (isset($_POST['submit'])) 
{
    include 'connection/cnt.php';
    $email = $connessione->real_escape_string($_POST['email']);
    $password = $_POST['password'];
    $query = $connessione->query("SELECT *FROM collaboratori WHERE email='$email'");

    if ($data = $query->fetch_array() && password_verify($password, $data['password'])) {
        $_SESSION['collaboratore'] = $data['ID_Collaboratore'];
        ?>
        <script type="text/javascript">
        window.location = "home.php";
        </script>   
        <?php   
    } else {
        $messaggio = "Please check your inputs!";
    }
}
?>
相关问题
最新问题