【发布时间】:2011-05-31 20:39:51
【问题描述】:
我早些时候发布了一个关于此的问题,但由于我已缩小问题范围,因此需要更多帮助。下面是我正在使用的代码。我收到两个错误,我也包含了这些行,但我不知道问题是什么,我是新手,请帮助!
代码:
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$email = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: home.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit']))
{ // if form has been submitted
// makes sure they filled it in
if(!$_POST['email'] | !$_POST['password'])
{
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc())
{
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE email = '".$_POST['email']."'") or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['password'] = md5($_POST['password']);
$_POST['password'] = $_POST['password'];
//gives error if the password is wrong
if ($_POST['password'] != $info['password'])
{
die('Incorrect password, please try again');
}
else
{
// if login is ok then we add a cookie
$_POST['email'] = stripslashes($_POST['email']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['email'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
//then redirect them to the members area
header("Location: home.php");
}
}
}
else
{
Error # 1:
if ($pass != $info['password'])
Error # 2:
if ($_POST['password'] != $info['password']) {
【问题讨论】:
-
您收到的具体错误是什么?
-
OT:但您也应该咨询 bobby-tables.com 或阅读 mysql_real_escpae_string() - 您的代码似乎依赖于 magic_quotes。
-
我想我需要一个新的脚本,你能给我一个参考吗?谢谢。
标签: php mysql database passwords md5