所以我有一个像这样的简单登录页面:
<fieldset>
<legend>Verification</legend>
<form method="post" action="authentication.php">
<?php if($_GET['error']==1){
echo "<p style=\"float: left; \" class=\"criticMsg\">Username or password are wrong</p>";
}
?>
<br /><br /> <br /><br />
<label style="float: left; margin-top: 15px;" for="username">User</label><input type="text" name="username"></input><br />
<label for="password">Password</label><input type="password" name="password"></input> <br />
<input type="submit" class="globalBtn" value="Enter"></input>
</form>
</fieldset>
然后authenticate.php文件是这样的:
include ('functions.php');
if(valid_details($_POST['username'], $_POST['password'])){
header("Location: ../../storage_update.php?message=1");
}else{
header("Location: login.php?error=1");
}
最后,functions.php看起来像这样
include("../connection.php");
$sql = "SELECT user, pass FROM users";
$back = "There is an error. <a href=\"login.php\">Back</a>";
$result = $conn->query($sql) or die($back);
while($row = $result->fetch_object()){
//validates user input
function valid_details($username, $password){
if(isset($username) && $username == $row->user){
if(isset($password) && $password == $row->pass){
return true;}
}
};
}
当我输入数据库中提供的正确用户名和密码时,我在url中得到error = 1变量,这不是我对正确凭据的期望。但是,如果我快速双击提交按钮,它会让我在预期的页面上返回url中的message = 1,这意味着函数valid_credentials正常工作,但为什么按钮反应如此? 编辑在页面storage_update.php(目标网页)中,我实现了fancybox jquery插件。
答案 0 :(得分:1)
你的代码的结构真的很奇怪,如果我按照自己的方式将其重写大部分,无论如何,把它放在一边。目前你在while循环中有你的功能,为什么你首先循环是奇怪的,你可以直接在数据库中检查你正在寻找的用户。见下文。
include("../connection.php");
function valid_details($username, $password){
$sql = "SELECT user, pass FROM users";
$sql .= "WHERE user='".$username."' AND pass='".$password."'";
$back = "There is an error. <a href=\"login.php\">Back</a>";
$result = $conn->query($sql) or die($back);
return count( $result ) > 0
}