PHP 文件未检测到表单数据
PHP file not detecting form data
我正在尝试将数据从 HTML 表单解析为 PHP 文件,以查看它是否与我的数据库中的数据匹配。这是我网站的登录系统。但是,即使我在 HTML 页面上输入了正确的凭据,数据也不会以某种方式被正确解析,因为我在输入时不断得到 PHP 代码的 'else' 部分他们。
HTML代码
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="index.css">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=PT+Serif:wght@700&display=swap" rel="stylesheet">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=Raleway&display=swap" rel="stylesheet">
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="X-UA-Compatible" content="ie=edge" />
<title>Title</title>
<link rel="stylesheet" href="login.css">
</head>
<body>
<header>
<h1 style="color: #333; font-family: PT Serif; font-size: 30px">Title</h1>
</header>
<section class="container">
<form method="post" action="index.php" id="login">
<h1 id="h1" style="font-family: Raleway; color: #333">Login</h1>
<div class="msg">
</div>
<div>
<label for="name" style="font-family: Raleway;">Name:</label>
<input class='input' type="text" id="name" name="userName">
</div>
<div>
<label for="password" style="font-family: Raleway;">Password:</label>
<input class='input' type="password" id="password" name="password">
</div>
<div>
<label for="register" style="font-family: Raleway;"><a href="(random link)">No account yet?</a></label>
</div>
<input class="btn" type="submit" value="Submit">
</form>
</section>
</body>
</html>
index.php
<?php
session_start();
$link = mysqli_connect('localhost','dbuser','dbpass','dbname');
if(isset($_POST['username']) && isset($_POST['password'])) {
$userName = $_POST['userName'];
$password = $_POST['password'];
$sql_u = "SELECT Username FROM users WHERE Username='$userName'";
$sql_p = "SELECT Password FROM users WHERE Password='$password'";
$res_u = mysqli_query($link, $sql_u);
$res_p = mysqli_query($link, $sql_p);
if($userName == $res_u && $password == $res_p) {
$_SESSION['userName'] = $userName;
$_SESSION['password'] = $password;
$_SESSION['loggedin'] = 1;
}
if($_SESSION['loggedin'] == 1) {
header('Location: (random html file)');
}
}
else {
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="index.css">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=PT+Serif:wght@700&display=swap" rel="stylesheet">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=Raleway&display=swap" rel="stylesheet">
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="X-UA-Compatible" content="ie=edge" />
<title>Title</title>
<link rel="stylesheet" href="login.css">
</head>
<body>
<header>
<h1 style="color: #333; font-family: PT Serif; font-size: 30px">Title</h1>
</header>
<section class="container">
<form method="post" id="login">
<h1 id="h1" style="font-family: Raleway; color: #333">Login</h1>
<div class="msg">
</div>
<div>
<label for="name" style="font-family: Raleway;">Name:</label>
<input class='input' type="text" id="name" name="userName">
</div>
<div>
<label for="password" style="font-family: Raleway;">Password:</label>
<input class='input' type="password" id="password" name="password">
</div>
<div>
<label for="register" style="font-family: Raleway;"><a href="(random link)">No account yet?</a></label>
</div>
<input class="btn" type="submit" value="Submit">
</form>
</section>
</body>
</html>
<?php
}
我唯一能看到的可能是打字错误:
if(isset($_POST['username']) && isset($_POST['password'])) {
看起来应该是:
if(isset($_POST['userName']) && isset($_POST['password'])) {
此外,您不需要单独查询用户名和密码,如果用户名是唯一的,在一个查询中获取该用户的行,但您是否以纯文本形式存储密码?这可能有点冒险,您也有遭受 SQL 注入攻击的风险。
我正在尝试将数据从 HTML 表单解析为 PHP 文件,以查看它是否与我的数据库中的数据匹配。这是我网站的登录系统。但是,即使我在 HTML 页面上输入了正确的凭据,数据也不会以某种方式被正确解析,因为我在输入时不断得到 PHP 代码的 'else' 部分他们。
HTML代码
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="index.css">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=PT+Serif:wght@700&display=swap" rel="stylesheet">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=Raleway&display=swap" rel="stylesheet">
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="X-UA-Compatible" content="ie=edge" />
<title>Title</title>
<link rel="stylesheet" href="login.css">
</head>
<body>
<header>
<h1 style="color: #333; font-family: PT Serif; font-size: 30px">Title</h1>
</header>
<section class="container">
<form method="post" action="index.php" id="login">
<h1 id="h1" style="font-family: Raleway; color: #333">Login</h1>
<div class="msg">
</div>
<div>
<label for="name" style="font-family: Raleway;">Name:</label>
<input class='input' type="text" id="name" name="userName">
</div>
<div>
<label for="password" style="font-family: Raleway;">Password:</label>
<input class='input' type="password" id="password" name="password">
</div>
<div>
<label for="register" style="font-family: Raleway;"><a href="(random link)">No account yet?</a></label>
</div>
<input class="btn" type="submit" value="Submit">
</form>
</section>
</body>
</html>
index.php
<?php
session_start();
$link = mysqli_connect('localhost','dbuser','dbpass','dbname');
if(isset($_POST['username']) && isset($_POST['password'])) {
$userName = $_POST['userName'];
$password = $_POST['password'];
$sql_u = "SELECT Username FROM users WHERE Username='$userName'";
$sql_p = "SELECT Password FROM users WHERE Password='$password'";
$res_u = mysqli_query($link, $sql_u);
$res_p = mysqli_query($link, $sql_p);
if($userName == $res_u && $password == $res_p) {
$_SESSION['userName'] = $userName;
$_SESSION['password'] = $password;
$_SESSION['loggedin'] = 1;
}
if($_SESSION['loggedin'] == 1) {
header('Location: (random html file)');
}
}
else {
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="index.css">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=PT+Serif:wght@700&display=swap" rel="stylesheet">
<link rel="preconnect" href="https://fonts.gstatic.com">
<link href="https://fonts.googleapis.com/css2?family=Raleway&display=swap" rel="stylesheet">
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="X-UA-Compatible" content="ie=edge" />
<title>Title</title>
<link rel="stylesheet" href="login.css">
</head>
<body>
<header>
<h1 style="color: #333; font-family: PT Serif; font-size: 30px">Title</h1>
</header>
<section class="container">
<form method="post" id="login">
<h1 id="h1" style="font-family: Raleway; color: #333">Login</h1>
<div class="msg">
</div>
<div>
<label for="name" style="font-family: Raleway;">Name:</label>
<input class='input' type="text" id="name" name="userName">
</div>
<div>
<label for="password" style="font-family: Raleway;">Password:</label>
<input class='input' type="password" id="password" name="password">
</div>
<div>
<label for="register" style="font-family: Raleway;"><a href="(random link)">No account yet?</a></label>
</div>
<input class="btn" type="submit" value="Submit">
</form>
</section>
</body>
</html>
<?php
}
我唯一能看到的可能是打字错误:
if(isset($_POST['username']) && isset($_POST['password'])) {
看起来应该是:
if(isset($_POST['userName']) && isset($_POST['password'])) {
此外,您不需要单独查询用户名和密码,如果用户名是唯一的,在一个查询中获取该用户的行,但您是否以纯文本形式存储密码?这可能有点冒险,您也有遭受 SQL 注入攻击的风险。