简单的登录系统问题

时间:2011-12-10 19:29:25

标签: php

所以我正在学习如何为我正在制作的网站制作一个简单的登录系统,我收到了这个错误。

注意:使用未定义的常量myusername - 在第4行的/home/dkitterm/public_html/index.php中假设为'myusername'

这些是第3-6行。

    session_start();
    if(!session_is_registered(myusername)){
     header("location: main_login.php");
    }

这也是我的支票登录页面。

        <?php

    $host="localhost";
    $username="dkitterm";
    $password="";
    $db_name="";
    $tbl_name="members";

    //connect to server and db
    mysql_connect("$host", "$username", "$password") or die("Server Down");
    mysql_select_db("$db_name") or die("cannot select DB");

    //username and password sent from form
    $myusername=$_POST['myusername'];
    $mypassword=$_POST['mypassword'];

    //debunk
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);

    //encrypt password
    $encrypted_mypassword=md5($mypassword);


    $sql="SELECT * FROM members WHERE login='$myusername' and password='$encrypted_mypassword'";
    $result=mysql_query($sql);

    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row

    if($count==1){
    // Register $myusername, $mypassword and redirect to file                 "login_success.php"
    session_register("myusername");
    session_register("mypassword"); 
    header("location: index.php");
    }
    else {
    echo "Wrong Username or Password";
    }
    ?>

2 个答案:

答案 0 :(得分:2)

作为@Col。 Sharpanel说这是另一个更好的解决方案,因为你使用了一个已弃用的功能。

 session_start();
    if(!isset($_SESSION['myusername'])){
     header("location: main_login.php");
    }

  <?php

$host="localhost";
$username="dkitterm";
$password="";
$db_name="";
$tbl_name="members";

//connect to server and db
mysql_connect("$host", "$username", "$password") or die("Server Down");
mysql_select_db("$db_name") or die("cannot select DB");

//username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

//debunk
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

//encrypt password
$encrypted_mypassword=md5($mypassword);


$sql="SELECT * FROM members WHERE login='$myusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file                 "login_success.php"
$_SESSION['myusername'] = $myusername; 
//if you need to register the password do the same but for the password 
header("location: index.php");
}
else {
echo "Wrong Username or Password";
}
?>

答案 1 :(得分:-1)

首先,您的检查页面不会100%保护您,因此您需要 到

session_start();
    if(!session_is_registered("myusername")){
     header("location: main_login.php");
     die(); 
    }

并在myusername周围加上引号,否则会将其视为一个不是

的常量
相关问题
最新问题