0

我有一个登录系统,应该可以做什么,但我得到“检查您的登录详细信息”。

我确信细节没问题,但是它给出了错误。

dologin.php

<?php

include('includes/functions.php');

if(isset($_POST['login'])) {
  if(isset($_POST['username'])) {
    if(isset($_POST['password'])) {
        $username = $_POST['username'];
        $query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
        $user = mysql_fetch_array($query);

        if(md5($_POST['password']) == $user['Password']) {
            echo "Login successful";
            $_SESSION['user'] = $user['Username'];
            header("Location: index.php");
        } else {
            echo "Please check your login details!";
            include('login.php');
        }
    } else {
            echo "Please check your password!";
            include('login.php');
    }
    } else {
    echo "Please check your username!";
    include('login.php');
    }
    } else {
    echo "Please check that you filled out the login form!";
    include('login.php');
    }
?>
4

1 回答 1

2

您认为一切正确的假设很容易测试,毕竟这是调试 101。

<?php

include('includes/functions.php');

if(isset($_POST['login'])) {
  if(isset($_POST['username'])) {
    if(isset($_POST['password'])) {
        $username = $_POST['username'];
        $query = mysql_query("SELECT * FROM cm_users WHERE Username = '$username'") or die(mysql_error());
        $user = mysql_fetch_array($query);

        //Proof debug code

        echo 'Database password = ' . $user['Password'] . '<br>';
        echo 'md5 of input password = ' . md5($_POST['password']) . '<br>';
        echo 'ARE THEY THE SAME' . '<br>';



        if(md5($_POST['password']) == $user['Password']) {
            echo "Login successful";
            $_SESSION['user'] = $user['Username'];
            header("Location: index.php");
        } else {
            echo "Please check your login details!";
            include('login.php');
        }
    } else {
            echo "Please check your password!";
            include('login.php');
    }
    } else {
    echo "Please check your username!";
    include('login.php');
    }
    } else {
    echo "Please check that you filled out the login form!";
    include('login.php');
    }
?>

哦,顺便说一句,MD5 不再被认为是安全的。看看这个手​​册页现在应该如何做

于 2015-08-01T19:04:38.447 回答