-1

テーブル「user」があり、その中に列「user_name」と「password」があります

ユーザー名 = 管理者

パスワード (ハッシュ) = 管理者

<?php
    $message = "";
    if (isset($_POST['submit'])){
    $username = trim(mysql_prep($_POST['user_name']));
    $password = trim(mysql_prep($_POST['password']));
    $hashed_password = sha1($password);

    if (empty($username) || empty($password)){
        $message = "You must enter username and password" . "<br />";
    } else {
        $query = "SELECT * ";
        $query .= "FROM user ";
        $query .= "WHERE user_name = '{$username}' ";
        $query .= "AND password = '{$hashed_password}' ";
        $query .= "LIMIT 1";

        $result  = mysql_query($query);
        verify_database($result);

        if (mysql_num_rows($result) == 1){
            $found_user = mysql_fetch_array($result);
            redirect_to("content.php");
        } else {
            $message = "Invalid username or password" . "<br />";
        }

    }

}

?>

        <form action="login.php" method="post">
            <?php echo $message; ?>
            User Name: <input type="text" name="user_name"/><br />
            Password: &nbsp;  <input type="password" name="password"/><br />
            <input type="submit" name="submit" value="Login"/>
        </form>

今の問題は、正しいユーザー名とパスワードを入れてもです。「ユーザー名またはパスワードが無効です」というメッセージが表示され続けます。

4

1 に答える 1

1

これを試して:

<?php
$message = "";

if (isset($_POST['submit'])){
    $username = trim($_POST['user_name']);
    $password = trim$_POST['password']);
    $hashed_password = sha1($password);

    if (empty($username) || empty($password)){
        $message = "You must enter username and password" . "<br />";
    } else {
        $query = "SELECT * ";
        $query .= "FROM user ";
        $query .= "WHERE user_name = '{$username}' ";
        $query .= "AND password = '{$hashed_password}' ";
        $query .= "LIMIT 1";

        $result  = mysql_query($query);
        verify_database($result);

        if (mysql_num_rows($result) == 1){
            $found_user = mysql_fetch_array($result);
            redirect_to("content.php");
        } else {
            $message = "Invalid username or password" . "<br />";
        }

    }

}

 <form action="login.php" method="post">
            <?php echo $message; ?>
            User Name: <input type="text" id="user_name" name="user_name"/><br />
            Password: &nbsp;  <input type="password" id="password" name="password"/><br />
            <input type="submit" name="submit" value="Login"/>
        </form>
于 2012-09-27T16:00:17.363 に答える