使用 php 制作登录脚本时出现问题
Problems making a login script with php
我的网站登录脚本需要一些帮助。我只收到 "nouser" 错误,但我知道我有一个帐户并且是正确的登录名。就像它跳过了脚本的登录部分。我检查了大括号,我想我是对的。好像从数据库中提取有问题?
任何人都可以看到任何错误或可以给我一些改进建议吗?
if (isset($_POST['login-submit'])) {
require "dbh.i.php";
$mailuid = $_POST['mailuid'];
$password = $_POST['pwd'];
if (empty($mailuid) && empty($password)) {
header("Location: ../index.php?error=emptyfields");
exit();
} else {
$sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers;";
$stmt = mysqli_stmt_init($connect);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$pwdCheck = password_verify($password, $row['pwdUsers']);
if ($pwdCheck == false) {
header("Location: ../index.php?error=wrongpwd");
exit();
} else if ($pwdCheck == true) {
session_start();
$_SESSION[userId] = $row['idUsers'];
$_SESSION[userUid] = $row['uidUsers'];
header("Location; ../index.php?login=success");
exit();
} else {
header("Location: ../index.php?error=wrongpwd");
exit();
}
} else {
header("Location: ../index.php?error=nouser");
exit();
}
}
}
} else {
header("Location: ../index.php?signup");
exit();
}
我认为你的这部分代码是错误的:
$sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers;";
$stmt = mysqli_stmt_init($connect);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
您的查询中只有一个占位符需要替换:SELECT * FROM users WHERE uidUsers=? OR emailUsers;,但您替换了两次:
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
尝试将查询更改为:
SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;
我的网站登录脚本需要一些帮助。我只收到 "nouser" 错误,但我知道我有一个帐户并且是正确的登录名。就像它跳过了脚本的登录部分。我检查了大括号,我想我是对的。好像从数据库中提取有问题?
任何人都可以看到任何错误或可以给我一些改进建议吗?
if (isset($_POST['login-submit'])) {
require "dbh.i.php";
$mailuid = $_POST['mailuid'];
$password = $_POST['pwd'];
if (empty($mailuid) && empty($password)) {
header("Location: ../index.php?error=emptyfields");
exit();
} else {
$sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers;";
$stmt = mysqli_stmt_init($connect);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$pwdCheck = password_verify($password, $row['pwdUsers']);
if ($pwdCheck == false) {
header("Location: ../index.php?error=wrongpwd");
exit();
} else if ($pwdCheck == true) {
session_start();
$_SESSION[userId] = $row['idUsers'];
$_SESSION[userUid] = $row['uidUsers'];
header("Location; ../index.php?login=success");
exit();
} else {
header("Location: ../index.php?error=wrongpwd");
exit();
}
} else {
header("Location: ../index.php?error=nouser");
exit();
}
}
}
} else {
header("Location: ../index.php?signup");
exit();
}
我认为你的这部分代码是错误的:
$sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers;";
$stmt = mysqli_stmt_init($connect);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
您的查询中只有一个占位符需要替换:SELECT * FROM users WHERE uidUsers=? OR emailUsers;,但您替换了两次:
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
尝试将查询更改为:
SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;