Question

首先，非常感谢@NBK指出了我的password_verify问题。我通读了他们提供的两篇推荐文章，如何使用PHP的password_hash哈希和验证密码（7个答案）参考-此错误在PHP中意味着什么？（36个回答）

A，我仍然在trinasgame.joshuasplace2018.com/game/login.php上的登录表单存在问题，其中，一旦登录，就应该重定向到一个超级简单的index.php页面，该页面应显示“嗨” ，[昵称]。欢迎光临本站！但是，此时，如果您尝试登录页面，则只会踢出您的信息。

最初，我对与语法有关的问题很有信心，但我仍在努力找出错误的确切原因。已启用错误日志记录，但未看到生成任何错误，因此使用创建登录表单的步骤1 + 2从https://www.tutorialrepublic.com/php-tutorial/php-mysql-login-system.php中提取了代码。
登录页面代码如下

<?php
    session_start();
    require 'dbt.php';
    
    
    // Check if the nick is already logged in, if yes then redirect him to welcome page
    if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
        header("location: index.php");
        exit;
    }
    
    // Define variables and initialize with empty values
    $nickname = $password = "";
    $nickname_err = $password_err = "";
     
    // Processing form data when form is submitted
    if($_SERVER["REQUEST_METHOD"] == "POST"){
     
        // Check if nickname is empty
        if(empty(trim($_POST["nickname"]))){
            $nickname_err = "Please enter nickname.";
        } else{
            $nickname = trim($_POST["nickname"]);
        }
        
         // Check if password is empty
        if(empty(trim($_POST["password"]))){
            $password_err = "Please enter your password.";
        } else{
            $password = trim($_POST["password"]);
        }
        
            // Validate credentials
    if(empty($nickname_err) && empty($password_err)){
        // Prepare a select statement
        $sql = "SELECT * FROM `players` WHERE nickname = ?";
        
        if($stmt = mysqli_prepare($conn, $sql)){
            // Bind variables to the prepared statement as parameters
            mysqli_stmt_bind_param($stmt, "s", $param_nickname);
            
            // Set parameters
            $param_nickname = $nickname;
            
            // Attempt to execute the prepared statement
            if(mysqli_stmt_execute($stmt)){
                // Store result
                mysqli_stmt_store_result($stmt);
                
                // Check if username exists, if yes then verify password
                if(mysqli_stmt_num_rows($stmt) == 1){                    
                    // Bind result variables
                    mysqli_stmt_bind_result($stmt, $id, $nickname, $password);
                    if(mysqli_stmt_fetch($stmt)){
                        if(password_verify($password, BCRYPT)){
                            // Password is correct, so start a new session
                            session_start();
                            
                            // Store data in session variables
                            $_SESSION["loggedin"] = true;
                            $_SESSION["id"] = $id;
                            $_SESSION["nickname"] = $nickname;                            
                            
                            // Redirect user to welcome page
                            header("location: index.php");
                            exit();
                        } else{
                            // Display an error message if password is not valid
                            $password_err = "The password you entered was not valid.";
                        }
                    }
                } else{
                    // Display an error message if username doesn't exist
                    $username_err = "No account found with that username.";
                }
            } else{
                echo "Oops! Something went wrong. Please try again later.";
            }

            // Close statement
            mysqli_stmt_close($stmt);
        }
    }
    
    // Close connection
    mysqli_close($conn);
}
?>
<html>
   
   <head>
      <title>Login Page</title>
      
      <style type = "text/css">
         body {
            font-family:Arial, Helvetica, sans-serif;
            font-size:14px;
         }
         label {
            font-weight:bold;
            width:100px;
            font-size:14px;
         }
         .box {
            border:#666666 solid 1px;
         }
      </style>
      
   </head>
   
   <body bgcolor = "#FFFFFF">
    
      <div align = "center">
         <div style = "width:300px; border: solid 1px #333333; " align = "left">
            <div style = "background-color:#333333; color:#FFFFFF; padding:3px;"><b>Login</b></div>
                
            <div style = "margin:30px">
               
               <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">                                            
                                              <div class="container">
                                                <label for="nickname"><b>Nickname</b></label>
                                                <input type="text" placeholder="Nickname" name="nickname" required>

                                                <label for="password"><b>Password</b></label>
                                                <input type="password" placeholder="Enter Password" name="password" required>

                                                <button type="submit">Login</button>
                                                <label>
                                                  <input type="checkbox" checked="checked" name="remember"> Remember me
                                                </label>
                                              </div>

                                              <div class="container" style="background-color:#f1f1f1">
                                                New here? <a href="register.php">Register!</a>
                                                <button type="button" class="cancelbtn">Cancel</button>
                                                <span class="psw">Forgot <a href="#">password?</a></span>
                                              </div>
                                        </form>
               
               <div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php echo $error; ?></div>
                    
            </div>
                
         </div>
            
      </div>

   </body>
</html>

索引页

    require 'dbt.php';
    session_start();
    
    // Check if the user is logged in, if not then redirect him to login page
    if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
        header("location: login.php");
        exit;
    }
?>
    <html>
        <head>
            <meta charset="us-ascii"><script src="https://code.jquery.com/jquery-3.4.1.slim.min.js" integrity="sha384-J6qa4849blE2+poT4WnyKhv5vZF5SrPo0iEjwBvKU7imGFAV0wwj1yYfoRSJoZ+n" crossorigin="anonymous"></script><script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6" crossorigin="anonymous"></script>
            <style type="text/css">p {
                            font-size: 15px;
                        }
                        p#login {
                            border: 1px black;                          
                        }
            </style>
            <link crossorigin="anonymous" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" rel="stylesheet" />
            <title>Trina&#39;s G-o-R | Dev mode</title>
        </head>
        <body>
            <div class="container">
                <div class="wrapper">
                    <div class="content">
                        <h2>Index/Game home page</h2>
                        
                        <p>Hi, <b><?php echo htmlspecialchars($_SESSION["nickname"]); ?></b>. Welcome to the site! </p>
                        <br/>
                            <!-- button onclick="rndInt()">Roll Dice</button>
                            <br/>
                            <div>
                                <p class="label">Latest roll:&nbsp; &nbsp;<span id="last_roll"></span></p>
                            </div-->
                            
                    </div>
                </div>
            </div>
            <h2><a href = "logout.php">Sign Out</a></h2>
        </body>     
    </html>

Answer 1

重定向时呼叫exit()：

// Redirect user to welcome page
header("location: index.php");
exit();

MySQL网站上的登录页面在登录时不会重定向

1 个答案: