0

現在、登録フォームを作成しようとしています。フォーム自体が機能しており、ユーザーはデータベースにユーザーを作成できますが、サインアップすると、にリダイレクトされますadmin.php

アカウントの作成に使用した名前は、行のユーザー名ごとに表示されません。「ようこそ、、これでuser_nameログインしました!」と表示されます。

名前を表示できませんが、他のすべては機能します。

警告:mysql_fetch_array()は、パラメーター1がリソースであると想定しています。25行目のC:\ path \ to \ admin.phpでブール値が指定されてい
ます。警告:mysql_fetch_array()は、パラメーター1がリソースであり、C:\ path \to\でブール値が指定されていることを想定しています。 36行目のlogin.php

管理者:

<?php
require('db_config.php');
require_once('functions.php');

//if the cookie is still valid, recreate the session
if( $_COOKIE['logged_in'] == true ){
    $_SESSION['logged_in'] = true;
    $_SESSION['user_id'] = $_COOKIE['user_id'];
    $_SESSION['is_admin'] = $_COOKIE['is_admin'];

}
if( $_SESSION['logged_in'] != true ){
    //not logged in! send them back to the form]
    header('location:login.php');   
}

//extract the data for the logged in user, so we can use it on all page
$user_id = $_SESSION['name'];
$query_user = "SELECT * FROM users
                WHERE name = $user_id
                LIMIT 1";

$result_user = mysql_query($query_user);
$row_user = mysql_fetch_array($result_user);
//this going to be a handy variable to have throughout all pages
$user_id = $row_user['user_id'];

?>
<!doctype HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" type="text/css" href="css/reset.css" />
<link rel="stylesheet" type="text/css" href="css/format.css" />
<title>Schell Shock Design's Portfolio</title>
</head>

<body>
 <div id="login">
 <?php
    include('login.php');
    ?>
  </div>
  <div id="utilities">
   <?php include('utilities.php'); ?>
  </div>

<div id="container">
  <header>
   <?php include('header.php'); ?>
   </header>
       <div id="slider">
       <?php include('slider.php'); ?>
          </div>
        <div id="content">
      <?php include('content.php'); ?>

  </div>
  <div id="bottomcontent">
      <?php include('bottomcontent.php'); ?>
  </div>
  <div id="footer">
      <?php include('footer.php'); ?>
</div>
</body>
</html>

ログイン:

<?php
 //show an error if there is a problem with the login
if($error == true){ ?>

    <div class="error">
        Sorry, Your username and password are incorrect. Try again. 
    </div>  

<?php } //end if error ?>


<?php //show the form only if NOT logged in
if( !$_SESSION['logged_in'] ){

?>
  <div class="form1">
  <form action="?action=" method="post">
    <label for="username">Username:</label>
    <input type="text" name="username" id="username" />
    <label for="password">Password</label>
    <input type="password" name="password" id="password" />
    <input type="submit" value="Log in" />
    <input type="hidden" name="did_login" value="1" />
</form>
<?php } //end if not logged in 

else{ 
//get info of logged in person
     $user_id = $_SESSION['user_id'];
    $query_user = "SELECT name
                    FROM users
                    WHERE user_id = $user_id";

$result_user = mysql_query( $query_user );
$row_user = mysql_fetch_array( $result_user );
?>
    <div id="loggedin">
    <a href="?action=logout">Log Out</a>

    <?php //show a welcome message if they logged in successfully
    echo 'Welcome '.$row_user['name'].', You are now logged in!';
 ?> 


<?php } ?>
</div>

登録

<?php
//register parse. all this logic MUST go before the doctype or any other text output.
require('db_config.php');
require_once('functions.php');

//if they submitted the form, parse it
if( $_POST['did_register'] == 1 ){
    //extract amd sanitize all fields
    $username = clean_input($_POST['username']);
    $email = clean_input($_POST['email']);
    $password = clean_input($_POST['password']);
    $repassword = clean_input($_POST['repassword']);
    $policy = clean_input($_POST['policy']);

    //encrypted version of the password, for storing in the database
    $sha_password = sha1($password);

    //begin validation
    $valid = true;

    //did they forget to check the box?
    if( $policy != 1 ){
        $valid = false;
        $msg = 'You must agree to the TOS and PP before signing up. <br />';
    }

    //repeated password does not match
    if( $password != $repassword ){
        $valid = false;
        $msg .= 'The passwords provided do not match. <br />';
    }

    //make sure the username and password are at least 5 characters long, than check the database
    if( strlen($username) >= 5 AND strlen($password) >= 5 ){
        //check to see if username is already taken
        $query_username = "SELECT name
                            FROM users
                            WHERE name = '$username'
                            LIMIT 1";

        $result_username = mysql_query($query_username);
        //if one result is found, username is taken.
        if( mysql_num_rows($result_username) == 1 ){
            $valid= false;
            $msg .= 'That username is already taken. Try another. <br />';  
        }
    }else{
        $valid = false;
        $msg .= 'Username and Password must be at least 5 characters long. <br />'; 
    }

    //check for valid email, than check for match in database
    if( check_email_address($email) == true ){
        //look for match in database
        $query_email = "SELECT email
                        FROM users
                        WHERE email = '$email'
                        LIMIT  1";
        $result_email = mysql_query($query_email);
        //if 1 result is found, email is taken.
        if( mysql_num_rows($result_email) == 1 ){
            $valid = false;
            $msg .= 'Looks like an account with that email already exists. Do you want to login? <br />';

        }
    }else{
        //invalid email
        $valid = false;
        $msg .= 'Please provide a valid email address. <br />'; 
    }

    //if the data passed ALL tests, add the user to the database
    if( $valid == true ){
        $query_insert = "INSERT INTO users
                        (name, password, email, join_date, is_admin)
                        VALUES
                        ('$username', '$sha_password', '$email', now(), 0)";

        $result_insert = mysql_query($query_insert);
        //check to see if it worked
        if( mysql_affected_rows() == 1 ){
            //SUCCESS! Log the user in and send them to their profile.
            $_SESSION['logged_in'] = true;
            setcookie( 'logged_in', 'true', time() + 60*60*24*7 );
            header( 'location:index.php' );

        }else{
            $msg .= 'There was a problem adding the user to the Database';
        }
    }
} //end if submitted form
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Sign up for an account</title>

</head>

<body>
    <?php
    if( isset($msg) ){
        echo $msg;
    }
    ?>
    <form action="registration.php" method="post">
        <label for="username">Choose a Username:</label>
        <input type="text" name="username" id="username" />
        <span class="hint">Minimum of five characters</span>

        <label for="email">Your Email Address:</label>
        <input type="text" name="email" id="email" />      

        <label for="password">Choose a Password:</label>
        <input type="password" name="password" id="password" />
        <span class="hint">Minimum of 5 characters</span> 

        <label for="repassword">Repeat Password:</label>
        <input type="password" name="repassword" id="repassword" />

        <input type="checkbox" name="policy" id="policy" value="1" />
        <label for="policy">Yes, I have read the Terms of Service and Privacy Policy.</label>

        <input type="submit" value="Sign up" />
        <input type="hidden" name="did_register" value="1" />
    </form>


</body>
</html>

何を修正する必要がありますか?

4

2 に答える 2

1
  1. エラーの内容を確認する必要があります。

    if (!$result_user) {
       die('MySQL Error: '.mysql_error());
    }
    
  2. session_start()各ページの上部で呼び出します。

  3. セッションの値が正しく返されることを確認します。

    print_r($_SESSION);
    
于 2012-07-07T21:07:30.020 に答える
0

ではadmin.php、このクエリは失敗しています。

$query_user = "SELECT * FROM users WHERE name = $user_id LIMIT 1";

が空$user_idであるか、引用符 ( ) が必要な可能性があります'$user_id'

いずれにせよ、クエリの結果をチェックして、成功したことを確認する必要があります。

$user_id = $_SESSION['name'];
$query_user = "SELECT * FROM users
                WHERE name = $user_id
                LIMIT 1";

$result_user = mysql_query($query_user);
if (!$result_user) {
    die('Query failed: ' . mysql_error());
}

mysql_query()は、成功した場合にのみリソースの結果を返します。失敗すると、どの関数(bool)FALSEにも渡すことができないものを返します。mysql_fetch_*

login.php のエラーも同様です。

ログイン時に実行されるコードを表示していないようです。私の推測では、セッションに正しい変数を割り当てていません。

于 2012-07-07T21:06:07.833 に答える