我使用ajaxhttp请求将登录数据传递给php登录脚本。当传递数据时,php脚本在错误处理中检查username和password变量后返回为空。我正在使用数据库中的有效登录详细信息。当用户使用密码_hash()注册时,密码已被哈希化;所以也许这就是问题所在?
这是登录php脚本:
<?php
session_start();
if ( isset( $_POST[ 'submit' ] ) ) {
//Establish DB Connection
include_once 'DBConnection.php';
//Store Username and Password from Login Form
$Username = mysqli_real_escape_string( $conn, $_POST[ 'Username' ] );
$Password = mysqli_real_escape_string( $conn, $_POST[ 'Password' ] );
//Error Handlers
//Check if inputs are empty
if ( empty( $Username ) || empty( $Password ) ) {
header( "Location: ../index.php?login=empty" );
exit();
} else {
$sql = "SELECT * FROM User WHERE Username='" . $Username . "'";
$result = mysqli_query( $conn, $sql );
$resultCheck = mysqli_num_rows( $result );
if ( $resultCheck < 1 ) {
header( "Location: ../index.php?login=error" );
exit();
} else {
if ( $row = mysqli_fetch_assoc( $result ) ) {
//Dehash Password
$hashedPasswordCheck = password_verify( $Password, $row[ 'Password' ] );
if ( $hashedPasswordCheck == false ) {
header( "Location: ../index.php?login=error" );
exit();
} elseif ( $hashedPasswordCheck == true ) {
//Log in user
$_SESSION[ 'u_id' ] = $row[ 'User_ID' ];
$_SESSION[ 'u_first' ] = $row[ 'Forename' ];
$_SESSION[ 'u_last' ] = $row[ 'Surname' ];
$_SESSION[ 'u_email' ] = $row[ 'Email' ];
$_SESSION[ 'u_user' ] = $row[ 'Username' ];
header( "Location: ../index.php?login=success" );
exit();
}
}
}
}
} else {
header( "Location: ../index.php?login=error" );
exit();
}这是表格代码:
<form class="form" role="form" method="post" action="../Assets/SignIn.php" accept-charset="UTF-8" id="login-nav">
<div class="form-group">
<label class="sr-only" for="exampleInputEmail2">Email Address</label>
<input type="email" class="form-control" id="Username" placeholder="Email Address/Username" required>
</div>
<div class="form-group">
<label class="sr-only" for="exampleInputPassword2">Password</label>
<input type="password" class="form-control" id="Password" placeholder="Password" required>
<div class="help-block text-right"><a href="">Forgot Password?</a>
</div>
</div>
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary btn-block" onclick="ajax_Login()">Sign in</button>
</div>
<div class="checkbox">
<label>
<input type="checkbox"> keep me logged-in
</label>
</div>
</form>这是ajax请求:
function ajax_Login(){
"use strict";
//Create XMLHttpRequest object
var request = new XMLHttpRequest();
//Create variables to store data to be sent to PHP file
var url = "signIn.php";
var uname = document.getElementById("Username").value;
var pword = document.getElementById("Password").value;
var vars = "Username="+uname+"&Password="+pword;
request.open("POST", url, true);
//Set content type header info for sending url encoded variables in the request
request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
//Access the onreadystatechange event for XMLHttpRequest object
request.onreadystatechange = function(){
if(request.readyState === 4 && request.status === 200){
var return_data = request.responseText;
document.getElementById("status").innerHTML = return_data;
}
};
//Send data to PHP file
request.send(vars);}
2条答案
按热度按时间gv8xihay1#
当您提交post方法表单时,它会向服务器发送post请求,然后全局
$_POST已设置。让我们看看你的代码:你用
isset( $_POST[ 'submit' ] )检查是否提交了登录表单。这意味着您必须有一个带有submit姓名。如果没有,只需简单检查一下isset($_POST)查询数据库或继续工作。希望这有帮助
emeijp432#
请检查您的提交按钮名称,因为提交未设置,这就是您出错的原因