PHP - 如何在索引页面上的登录表单上打印错误?

时间:2016-02-08 14:40:27

标签: php html mysql forms login

好的,所以这个问题很难说,但我会尽我所能。所以我目前有一个带有弹出式登录表单的index.php页面,我有login.php以及所有登录php的东西来处理请求。目前我似乎只能在login.php页面上打印登录错误,这会打开一个空白的白页,上面只有错误,因为我的index.php表单上的表单操作设置为& #34;的login.php"它处理登录的东西..我想要的是在我的index.php中打印登录表单上的错误,但让login.php处理其余的PHP。我希望那种有道理。

<form action="login.php" method="post">
                <label>Email Address</label>
                <input type="text" name="email"/>
                <br />

                <label>Password</label>
                <input type="password" name="password"/>
                <br />
                <!--<?php 
                    if(empty($errors)===false){
                        echo output_errors($errors);    
                    }
                ?>-->
                <div class="checkbox">
                    <input id="remember" type="checkbox" />
                    <label for="remember">Keep me signed in</label>
                </div>

                <div class="action_btns">
                    <div class="one_half last"><input type="submit" class="btn btn-blue" value="Login"></div>
                    <div class="one_half last"><a href="#" id="register_form" class="btn">Sign up</a></div>
                </div>
            </form>

上面是index.php页面上我的表单的代码。注释掉的php就是我要打印错误的地方。 以下是我的login.php 

    <?php
include 'init.php';


function sanitize($data){
    return mysql_real_escape_string($data);
}

function output_errors($errors){
    return '<ul><li>'.implode('</li><li>', $errors).'</li></ul>';
}

//check if user exists
function user_exists($email){
        $email = sanitize($email);
        return (mysql_result(mysql_query("SELECT COUNT(ID) FROM register WHERE email = '$email'"),0) == 1)? true : false;
}

//check if user has activated account
function user_activate($email){
        $email = sanitize($email);
        return (mysql_result(mysql_query("SELECT COUNT(ID) FROM register WHERE email = '$email' AND active =1"),0) == 1)? true : false;
}
function user_id_from_email($email){
    $email = sanitize($email);
    return (mysql_result(mysql_query("SELECT id FROM register WHERE email = '$email'"),0,'id'));
}
function login($email,$password){
    $user_id = user_id_from_email($email);
    $email = sanitize($email);
    $password = md5($password);

    return (mysql_result(mysql_query("SELECT COUNT(id) FROM register WHERE email = '$email' AND password ='$password'"),0) == 1)? $user_id : false;
}


if(empty($_POST)=== false){
    $email = $_POST['email'];   
    $password = $_POST['password'];
}

if(empty($email)|| empty($password) === true){
        $errors[] = "You must enter a username and a password"; 
}
else if(user_exists($email) === false){
    $errors[] = "Email address is not registered";  
}
else if(user_activate($email) === false){
    $errors[] = "You haven't activated your account yet";   
}
else{
    $login = login($email, $password);
    if($login === false){
        $errors[] = "email/password are incorrect";
    } else {
        $_SESSION['user_id'] = $login;
        header('Location: index.php');
        exit();
    }
}
if(empty($errors)===false){
    header('Location: index.php');
    echo output_errors($errors);    
}

?>

这也是我的init.php,它存储了数组。

    <?php
session_start();
error_reporting();
require 'connection.php';

$errors = array();

?>

1 个答案:

答案 0 :(得分:1)

在我开始之前的一个提示是永远不要将不常数的变量放入预准备语句中,而是允许用户直接输入您的SQL语句。

但更重要的是,如果您想收到错误,我建议您使用基本die($db->error);,以便通过数据库返回错误。

在使用连接时始终记得$db->close();

相关问题
最新问题