我正在尝试通过查询数据库表来验证使用php的网站登录。它在解析login.php中的会话时创建了错误。该网站全部托管在XAMPP上。这只是一个试用网站。老实说,这是我第一次用PHP编写代码。
我试图修改$ global变量。是因为xampp在MariaDB而不是sql上运行,但这没有意义,因为这是PHP和create_table
This is the login
<html form
<div class="loginbox">
<img src="images/log.png" class="log">
<h1> Login </h1>
<form action="login.php" method="post">
<div class="name">
<label for ="name"> Username/E-mail:</label>
<input type="text" id="name" name="username" placeholder="Enter
Username/E-mail">
</div>
<div class="password">
<label for="password"> Password:</label>
<input type="password" id="password" name="password"
placeholder="Enter Password">
</div>
<div>
<button type="submit" >Login</button>
</div>
</form>
</div>
And this is the table created for signup.
$persontable= "CREATE TABLE IF NOT EXISTS users.Person(
Userid INTEGER UNSIGNED AUTO_INCREMENT PRIMARY KEY,
Firstname VARCHAR(20) NOT NULL,
Lastname VARCHAR(20) NOT NULL,
Username VARCHAR(30) NOT NULL,
Email VARCHAR(30) NOT NULL,
Password VARCHAR(20) NOT NULL,
Dateofbirth DATE NOT NULL,
Address VARCHAR(50) NOT NULL,
City VARCHAR(50) NOT NULL,
Zipcode VARCHAR(20),)";
if (!(mysqli_query($handler,$persontable))){
die("Account has not been created successfully:".
mysqli_error($handler)); }
else{echo "Account has been created succesfully"}
And this is the code of login<php
<?php
$servername = "127.0.0.1";
$username = "root";
$password = "";
/** Define variable to perform connection to the server*/
$handler = mysqli_connect($servername, $username, $password);
$errors = array();
session_start();
/** To perform authentication of login with the database*/
if(empty($_POST['username'])){
$this->errors[] = "Username field was empty.";
} elseif (empty($_POST['password'])) {
$this->errors[] = "Password field was empty.";
}
elseif(isset($_POST['username']) && isset($_POST['password'])){
$user=$_POST['username'];
$pass=$_POST['password'];
$handler or die(mysqli_error());
mysqli_select_db($handler,'users') or die("Cannot select DB");
$query=mysqli_query($handler,"SELECT Username,Email,Password
FROM person WHERE username='".$user."' OR email='".$user."'");
$numrows = mysqli_num_rows($query);
/**The old code is stated below here
if ($result_of_login_check->num_rows == 1)
*/
/**The Problem Starts here*/
if ($numrows ==1){
if (password_verify($_POST['password']) {
// write user data into PHP SESSION (a file on your
server)
/**The Problem Starts here*/
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
} else {
$query->errors[] = "Wrong password or username. Try again.";
}
}
}
?>
答案 0 :(得分:0)
<?php session_start(); ?>在login.php顶部尝试此操作,并确保您在每个页面上都有启动会话。
<?php session_start();?>
<?php
$servername = "127.0.0.1";
$username = "root";
$password = "";
/** Define variable to perform connection to the server*/
$handler = mysqli_connect($servername, $username, $password);
$errors = array();
/** To perform authentication of login with the database*/
if(empty($_POST['username'])){
$this->errors[] = "Username field was empty.";
} elseif (empty($_POST['password'])) {
$this->errors[] = "Password field was empty.";
}
elseif(isset($_POST['username']) && isset($_POST['password'])){
$user=$_POST['username'];
$pass=$_POST['password'];
$handler or die(mysqli_error());
mysqli_select_db($handler,'users') or die("Cannot select DB");
$query=mysqli_query($handler,"SELECT Username,Email,Password
FROM person WHERE username='".$user."' OR email='".$user."'");
$numrows = mysqli_num_rows($query);
/**The old code is stated below here
if ($result_of_login_check->num_rows == 1)
*/
/**The Problem Starts here*/
if ($numrows ==1){
if (password_verify($_POST['password']) {
// write user data into PHP SESSION (a file on your
server)
/**The Problem Starts here*/
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
} else {
$query->errors[] = "Wrong password or username. Try again.";
}
}
}
?>