我在使用php和mysql进行简单登录时遇到了问题。
这是我的代码:
的login.php
<?php
//include 'core/init.php';
include 'functions.php';
//JH check if user is logged in already
if (loggedin()) {
header("location: userarea.php");
exit();
}
if ($_POST['login']) {
$user = $_POST['user'];
$pass = $_POST['pass'];
$remember = $_POST['remember'];
$password_encrip = hash('md5', $pass);
if ($user&&$pass) {
$login = mysql_query("SELECT * FROM users WHERE user='$user'");
while ($row = mysql_fetch_assoc($login))
$db_pass = $row['pass']; {
if ($password_encrip==$db_pass)
$login_ok = TRUE;
else
$login_ok = FALSE;
}
if ($login_ok==TRUE) {
if ($remember=="on")
setcookie("user", $user, time()+7200);
else if ($remember=="")
$_SESSION['user']=$user;
header("Location: userarea.php");
exit();
} else
echo "ERROR: Username/Password combination incorrect!";
} else
die("ERROR: Hit back and enter username and password!");
}
?>
<form action="login.php" method="POST">
<b style="font-size:150%;">Log in</b><br/>
Username: <input type="text" name="user"/><br/>
Password: <input type="password" name="pass"/><br/>
<input type="checkbox" name="remember" />Remember me<br/>
<input type="submit" name="login" value="Log in"/>
</form>
的functions.php
<?php
// REPORT ERRORS?
//error_reporting(E_ALL);
// SESSIONS CHECK
session_start();
//CONNECT TO DATABASE/CONNECT
mysql_connect("localhost","MYSQL","PASS") or die();
mysql_select_db('DB') or die();
// LOGIN CHECK FUNCTION
function loggedin()
{
if (isset($_SESSION['$user']) || isset($_COOKIE['$user']))
{
$loggedin = TRUE;
return $loggedin;
}
}
?>
USERAREA.PHP
<?php
//include 'core/init.php';
include 'functions.php';
//JH check if user is logged in already
if (!loggedin())
{
header("location: login.php");
exit();
}
?>
<p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/>
<?php
echo "Welcome SESS: ".$_SESSION['user']. "<br/>";
echo "Welcome Cookie: ".$_COOKIE['user']. "<br/>";
?>
有人可以帮忙吗?
答案 0 :(得分:2)
在PHP的顶部,放置session_start();
(您发布的第一页)。
答案 1 :(得分:0)
给这个注意一件大事是你总是想在添加查询之前清理用户输入,并且如果没有设置$ _post值,他们也不会返回false所以if($ _ POST ['something'])会返回错误
----------------------------------- LOGIN.PHP
<?php
//include 'core/init.php';
include 'functions.php';
//JH check if user is logged in already
if (loggedin()) {
header("location: userarea.php");
exit();
}
if ($_POST['login']) {
$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
$remember = mysql_real_escape_string($_POST['remember']);
$password_encrip = hash('md5', $pass);
if (!empty($user) && !empty($pass)) {
$login = mysql_query("SELECT * FROM users WHERE user='$user' AND pass = '$password_encrip'");
while ($row = mysql_fetch_assoc($login)) {
if (count($row) > 0) {
$login_ok = TRUE;
} else {
$login_ok = FALSE;
}
}
if ($login_ok) {
if ($remember == "on") {
setcookie("user", $user, time() + 7200);
} else if ($remember == "") $_SESSION['user'] = $user;
header("Location: userarea.php");
exit();
} else {
echo "ERROR: Username/Password combination incorrect!";
}
} else {
die("ERROR: Hit back and enter username and password!");
}
}
?>
<form action="login.php" method="POST">
<b style="font-size:150%;">Log in</b><br/>
Username: <input type="text" name="user"/><br/>
Password: <input type="password" name="pass"/><br/>
<input type="checkbox" name="remember"/>Remember me<br/>
<input type="submit" name="login" value="Log in"/>
</form>
------------------------------------------ FUNCTIONS.PHP
<?php
// REPORT ERRORS?
//error_reporting(E_ALL);
// SESSIONS CHECK
session_start();
//CONNECT TO DATABASE/CONNECT
mysql_connect("localhost", "MYSQL", "PASS") or die();
mysql_select_db('DB') or die();
// LOGIN CHECK FUNCTION
function loggedin() {
if (isset($_SESSION['$user']) || isset($_COOKIE['$user'])) {
$loggedin = TRUE;
return $loggedin;
}
}
?>
---------------------------------------------- USERAREA.PHP
<?php
//include 'core/init.php';
include 'functions.php';
//JH check if user is logged in already
if (!loggedin()) {
header("location: login.php");
exit();
}
?>
<p>Welcome! You're Logged in</p> <a href="logout.php">Logout</a><br/>
<?php
echo "Welcome SESS: " . $_SESSION['user'] . "<br/>";
echo "Welcome Cookie: " . $_COOKIE['user'] . "<br/>";
?>