登录系统报错
Login system giving error
我有一个登录系统,应该可以用,但我得到 "Check your login details"。
我确定细节没问题,但是它给出了错误。
dologin.php
<?php
include('includes/functions.php');
if(isset($_POST['login'])) {
if(isset($_POST['username'])) {
if(isset($_POST['password'])) {
$username = $_POST['username'];
$query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
$user = mysql_fetch_array($query);
if(md5($_POST['password']) == $user['Password']) {
echo "Login successful";
$_SESSION['user'] = $user['Username'];
header("Location: index.php");
} else {
echo "Please check your login details!";
include('login.php');
}
} else {
echo "Please check your password!";
include('login.php');
}
} else {
echo "Please check your username!";
include('login.php');
}
} else {
echo "Please check that you filled out the login form!";
include('login.php');
}
?>
你的假设都是正确的很容易测试,毕竟这是调试101。
<?php
include('includes/functions.php');
if(isset($_POST['login'])) {
if(isset($_POST['username'])) {
if(isset($_POST['password'])) {
$username = $_POST['username'];
$query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
$user = mysql_fetch_array($query);
//Proof debug code
echo 'Database password = ' . $user['Password'] . '<br>';
echo 'md5 of input password = ' . md5($_POST['password']) . '<br>';
echo 'ARE THEY THE SAME' . '<br>';
if(md5($_POST['password']) == $user['Password']) {
echo "Login successful";
$_SESSION['user'] = $user['Username'];
header("Location: index.php");
} else {
echo "Please check your login details!";
include('login.php');
}
} else {
echo "Please check your password!";
include('login.php');
}
} else {
echo "Please check your username!";
include('login.php');
}
} else {
echo "Please check that you filled out the login form!";
include('login.php');
}
?>
哦,顺便说一下,MD5 不再被认为是安全的。看看这个manual page for how it should be done now
我有一个登录系统,应该可以用,但我得到 "Check your login details"。
我确定细节没问题,但是它给出了错误。
dologin.php
<?php
include('includes/functions.php');
if(isset($_POST['login'])) {
if(isset($_POST['username'])) {
if(isset($_POST['password'])) {
$username = $_POST['username'];
$query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
$user = mysql_fetch_array($query);
if(md5($_POST['password']) == $user['Password']) {
echo "Login successful";
$_SESSION['user'] = $user['Username'];
header("Location: index.php");
} else {
echo "Please check your login details!";
include('login.php');
}
} else {
echo "Please check your password!";
include('login.php');
}
} else {
echo "Please check your username!";
include('login.php');
}
} else {
echo "Please check that you filled out the login form!";
include('login.php');
}
?>
你的假设都是正确的很容易测试,毕竟这是调试101。
<?php
include('includes/functions.php');
if(isset($_POST['login'])) {
if(isset($_POST['username'])) {
if(isset($_POST['password'])) {
$username = $_POST['username'];
$query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
$user = mysql_fetch_array($query);
//Proof debug code
echo 'Database password = ' . $user['Password'] . '<br>';
echo 'md5 of input password = ' . md5($_POST['password']) . '<br>';
echo 'ARE THEY THE SAME' . '<br>';
if(md5($_POST['password']) == $user['Password']) {
echo "Login successful";
$_SESSION['user'] = $user['Username'];
header("Location: index.php");
} else {
echo "Please check your login details!";
include('login.php');
}
} else {
echo "Please check your password!";
include('login.php');
}
} else {
echo "Please check your username!";
include('login.php');
}
} else {
echo "Please check that you filled out the login form!";
include('login.php');
}
?>
哦,顺便说一下,MD5 不再被认为是安全的。看看这个manual page for how it should be done now