我必须用我的PHP登录脚本修复一些错误,当用户使用大写字母的帐户时,它不会让他登录全部小写,所以我决定解决,但是,它不会登录,它只是重定向到登录与我的消息“意外的错误发生”。登录PHP脚本用户名和密码是正确的,但不会登录
它通过用户名检查,但不是密码,并且它不返回密码是不正确的。
我试着做一个新的帐户,它仍然进入该错误页面,但是这一次,它实际上登录了我,但没有与您已成功登录,并且现有用户无法登录,但是我做了一个新的。
而且我尝试了密码重置,它的工作原理,但不会导致成功登录消息。
我做的其他更改是密码散列,因为我使用用户名密码盐,而我从$hash = hash('sha256',$Username.$Password.$Salt);
更改为$hash = hash('sha256',strtolower($Username).$Password.$Salt);
,因为当用户名是大写或小写时,它对密码检查有影响。
我的代码:
<?php
/* Mysql data */
$MysqlUsername = "root";
$MysqlPassword = "*********";
$MysqlHostname = "localhost";
$MysqlDatabase = "teamgamersnet";
$Salt = "******";
$Username = $_POST['Username'];
$Password = $_POST['Password'];
$Remember = $_POST['Remember'];
$Cookie = "TGN";
$IP = $_SERVER['REMOTE_ADDR'];
if (empty($Username) || empty($Password)) { die("Please fill in all the fields"); }
$hash = hash('sha256',strtolower($Username).$Password.$Salt);
$Sql = new mysqli($MysqlHostname, $MysqlUsername, $MysqlPassword, $MysqlDatabase);
if ($Sql->connect_error){ echo $Sql->connect_error; }
$sUser = $Sql->real_escape_string($Username);
$sPass = $Sql->real_escape_string($Password);
$xPass = $Sql->real_escape_string($hash);
$CheckUser = $Sql->query("SELECT Username FROM `users` WHERE `Username` = '".$sUser."'");
$CheckPass = $Sql->query("SELECT Password FROM `users` WHERE `Username` = '".$sUser."'");
$CheckActive = $Sql->query("SELECT Activated FROM `users` WHERE `Username` = '".$sUser."'");
if ($CheckUser->num_rows == 0) { header("Location: /?p=Login&wrongusr=true"); die(); }
$xCheckUser = $CheckUser->fetch_array(MYSQLI_ASSOC);
$xCheckPass = $CheckPass->fetch_array(MYSQLI_ASSOC);
$xCheckAct = $CheckActive->fetch_array(MYSQLI_ASSOC);
if ($xCheckAct['Activated'] == "false") { header("Location: /?p=Login&activate=true"); die(); }
if(strtolower($Username) == strtolower($xCheckUser['Username'])) { // Check if username match
if($hash == $xCheckPass['Password']) { // Check if password is correct
if(isset($Remember)){
setcookie ($Cookie."User", htmlspecialchars($Username));
setcookie ($Cookie."Pass", $hash);
}
else
{
setcookie ($Cookie."User", htmlspecialchars($Username), time() + 3600);
setcookie ($Cookie."Pass", $hash, time() + 3600);
}
header("Location: /?login=true"); // Send them to home page
}
else
{
header("Location: /?p=Login&wrongpwd=true"); // Send them to home page
}
header("Location: /?p=Login&unxer=true"); // Username error, Idk why
}
?>
而不是像这样使用cookie,你应该检查到[Sessions](http://www.php.net/manual/en/book.session.php) – h2ooooooo
你有什么错误吗? – Bajrang
@lucianie错误是,当你登录时,它会记录你的旅馆,但它会重定向到登录页面,出现错误“发生了失败的错误,请重试..”,我设置了,而不是成功登录的主页。 – Teknikk