我有一个简单的登录页面,在带有if和elseif语句的顶级简单表单验证上。 我想把验证码下面的mysql select where语句写成(elseif)语句。如果电子邮件和密码=数据库表记录中的电子邮件和密码,则它会将使用重定向到安全页面,如果电子邮件或密码不存在或匹配,则最终(else)将显示错误数据库中。
我真的不知道如何以正确的方式做到这一点,这是我的尝试,但它不起作用:
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php
$email = $_POST['Email'];
$hashed_password = md5($_POST['password']);
if (isset($_POST['submit'])) { // Form has been submitted.
if ($_POST['Email'] == "") {
$error = "Email address is required";
}
elseif (!(filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL))) {
$error = "Invalid email address";
}
elseif ($_POST['password'] == "") {
$error = "Type in your password";
}
elseif (strlen($_POST['password']) < 8) {
$error = "Minimum password length is 8";
}
elseif {
$query = "SELECT id, email ";
$query .= "FROM customers ";
$query .= "WHERE email = '{$email}' ";
$query .= "AND hashed_password = '{$hashed_password}' ";
$query .= "LIMIT 1";
$result_set = mysql_query($query);
redirect_to("account.php");
}
else {
echo "error";
}
}
?>
<!-- signup box -->
<div id="box_sign">
<div class="container">
<div class="span12 box_wrapper">
<div class="span12 box">
<div>
<div class="head">
<h4>Sign In</h4><br />
<div class="text-error">
<?php echo $error; ?><br />
<p class="text-success"><strong><?php echo $success; ?></strong></p>
</div>
</div>
<div class="form">
<form action="sign-in.php" method="POST">
<input type="text" id="Email" name="Email" placeholder="Email"/>
<input type="password" id="password" name="password" placeholder="Password"/>
<div class="right">
<a href="reset.html">Forgot password?</a>
</div>
<input type="submit" name="submit" class="btn" value="Sign In"/>
</form>
</div>
</div>
</div>
<p class="already">Don't have an account?
<a href="signin.html">Sign up</a></p>
</div>
</div>
</div>
答案 0 :(得分:1)
redirect_to()
不是一个预定义的PHP函数,它是一个自定义函数,可能你从其他地方选择了这个代码而你忘了拿起函数代码..应该可能就是这个
function redirect_to($link) {
header('Location: '.$link);
exit;
}
此外elseif {
无效,没有条件
答案 1 :(得分:0)
更改:
elseif {
$query = "SELECT id, email ";
$query .= "FROM customers ";
$query .= "WHERE email = '{$email}' ";
$query .= "AND hashed_password = '{$hashed_password}' ";
$query .= "LIMIT 1";
$result_set = mysql_query($query);
redirect_to("account.php");
}
致:
else {
$query = "SELECT id, email ";
$query .= "FROM customers ";
$query .= "WHERE email = '{$email}' ";
$query .= "AND hashed_password = '{$hashed_password}' ";
$query .= "LIMIT 1";
$result_set = mysql_query($query);
if (mysql_num_rows()>0){
Header("Location:account.php");
}
else {
echo 'Password or email is wrong';
}
}