2
我试图在托管的网页上创建一个简单的登录系统。我有一个使用phpMyAdmin创建的MySQL数据库和表。数据库,HTML和PHP文件托管在同一台服务器上。我可以添加用户,帐户信息出现在表格中。问题在于登录。我总是收到“登录失败错误”。我用过的教程是located here。我已经检查并重新检查了错误密码,我不认为这是问题。我相信这个问题与fetchColumn()
命令有关。从我研究的内容来看,这个命令抓取下一行,这对我来说没有意义,因为用户名,密码和用户ID都位于同一行,只是不同的列。使用PHP和MYSQL创建登录脚本
这是用户提交信息,然后调用登录脚本的形式。下面的代码有两种形式;第一种形式是什么在这个问题上很重要。
<?php
/*** begin our session ***/
session_start();
/*** set a form token ***/
$form_token = md5(uniqid('auth', true));
/*** set the session form token ***/
$_SESSION['form_token'] = $form_token;
?>
<html>
<head>
<title>Log In Page</title>
<link rel="stylesheet" type="text/css" href="formstyle.css">
</head>
<header>
Log In Page
</header>
<body>
<h2>Log In</h2>
<form action="login_submit.php" method="post">
<fieldset id="forms" >
<p>
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" maxlength="20"/>
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="password" value="" maxlength="20"/>
</p>
<p>
<input type="submit" value="Login"/>
</p>
</fieldset>
</form>
<h2>Create Account</h2>
<form action="adduser_submit.php" method="post">
<fieldset id="forms" >
<p>
<label for="username">Username</label>
<input type="text" id="username" name="username" value="" maxlength="20"/>
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="password" value="" maxlength="20"/>
</p>
<p>
<input type="hidden" name="form_token" value="<?php echo $form_token; ?>" />
<input type="submit" value="Sign Up"/>
</p>
</fieldset>
</form>
</body>
</html>
这是login_submit脚本。
<?php
/*** begin our session ***/
session_start();
/*** check if the user is already logged in ***/
if(isset($_SESSION['userID']))
{
$message = 'User is already logged in';
}
/*** check that both the username and password have been submitted ***/
if(!isset($_POST['username'], $_POST['password']))
{
$message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen($_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
} `enter code here`
/*** check the password is the correct length ***/
elseif (strlen($_POST['password']) > 20 || strlen($_POST['password']) < 4)
{
$message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['username']) != true)
{
/*** if there is no match ***/
$message = "Username must be alpha numeric";
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
/*** now we can encrypt the password ***/
$password = sha1($password);
/*** connect to database ***/
/*** mysql hostname ***/
$mysql_hostname = 'localhost';
/*** mysql username ***/
$mysql_username = 'neticl5';
/*** mysql password ***/
$mysql_password = 'corrupted707';
/*** database name ***/
$mysql_dbname = 'neticl5_apptest';
try
{
$dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
/*** $message = a message saying we have connected ***/
/*** set the error mode to excptions ***/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** prepare the select statement ***/
$stmt = $dbh->prepare('SELECT userID, username, password FROM useraccounts
WHERE username = :username AND password = :password');
/*** bind the parameters ***/
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR, 40);
/*** execute the prepared statement ***/
$stmt->execute();
/*** check for a result ***/
$userID = $stmt->fetchColumn();
/*** if we have no result then fail boat ***/
if($userID == false)
{
$message = 'Login Failed';
}
/*** if we do have a result, all is well ***/
else
{
/*** set the session user_id variable ***/
$_SESSION['userID'] = $userID;
/*** tell the user we are logged in ***/
$message = 'You are now logged in';
}
}
catch(Exception $e)
{
/*** if we are here, something has gone wrong with the database ***/
$message = 'We are unable to process your request. Please try again later';
}
}
?>
<html>
<head>
<title>Log In</title>
</head>
<body>
<p><?php echo $message; ?></p>
</body>
</html>
我想阅读该教程吗?呵呵 – 2014-11-09 03:34:34
PHP开启标签('<?php')之前的空白是有问题的。在调用'session_open()'](http://php.net/session_start#refsect1-function.session-start-notes)之前,你不能发送任何*输出。 – 2014-11-09 05:00:57