こんにちは、誰か助けてください。ログイン スクリプトがあり、ユーザーのユーザー名を設定するeric@email.com
と正常に動作しますが、電子メールがeric_1@email.com
他の特殊文字である場合、フォームに 1 つのエラーがあったと表示されるカウント エラー 1 がエコーされます。
_
メールまたはその他の特殊文字を使用して、スクリプトがユーザーに正常にログインできるようにするにはどうすればよいですか? 私はphpとmysqlに本当に慣れていないので、誰かがこれを修正する方法を教えてくれたら本当にうれしいです.
<?php
if (logged_in())
{
$_SESSION['login_message']="<div class=\"login-overlay\"></div><div class=\"login-box\"><div class=\"loginframe2\">
<h1>Login You In Securely </h1>
<p> PlaytimeBoys.com is login you in securely. Please wait.<br/><br/>
<div class=\"login-logo\">
<img src=\"assets/css/photobox/loading.gif\" width=\"24\" height=\"24\"><div class=\"login-text-logo\">Login You In. Please Wait</div></div>
</div></div>";
header("Location: {$_SERVER['HTTP_REFERER']}");
}
include_once("includes/form_functions.php");
// START FORM PROCESSING
if (isset($_POST['submit'])) { // Form has been submitted.
$errors = array();
// perform validations on the form data
$required_fields = array('email', 'password');
$errors = array_merge($errors, check_required_fields($required_fields, $_POST));
$fields_with_lengths = array('email' => 30, 'password' => 30);
$errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));
$email = trim(mysql_prep($_POST['email']));
$password = trim(mysql_prep($_POST['password']));
$hashed_password = md5($password);
if ( empty($errors) ) {
// Check database to see if email and the hashed password exist there.
$query = "SELECT id, email, close_account ";
$query .= "FROM ptb_users ";
$query .= "WHERE email = '{$email}' ";
$query .= "AND password = '{$hashed_password}' ";
$query .= "AND close_account = '0' ";
$query .= "LIMIT 1";
$result_set = mysql_query($query);
confirm_query($result_set);
if (mysql_num_rows($result_set) == 1) {
// email/password authenticated
// and only 1 match
$found_user = mysql_fetch_array($result_set);
$_SESSION['user_id'] = $found_user['id'];
$_SESSION['email'] = $found_user['email'];
$_SESSION['sub_expires'] = $found_user['subscription_expires'];
$result = mysql_query("UPDATE ptb_users SET user_online='Online' WHERE id=".$_SESSION['user_id']."")
or die(mysql_error());
if($result)
{
$_SESSION['login_message']="<div class=\"login-overlay\"></div><div class=\"login-box\"><div class=\"loginframe2\">
<h1>Login You In Securely </h1>
<p>login you in securely. Please wait.<br/><br/>
<div class=\"login-logo\">
<img src=\"assets/css/photobox/loading.gif\" width=\"24\" height=\"24\"><div class=\"login-text-logo\">Login You In. Please Wait</div></div>
</div></div>";
header("Location: {$_SERVER['HTTP_REFERER']}");
}
}else{
// email/password combo was not found in the database
$message = "<div class=\"infobox_out\"><strong>Email / Password combination incorrect.</strong><br />
Please make sure your caps lock key is off and try again.</div>";
echo "<a href=\"#\"><div class=\"infobox-close2\"></div></a>";
}
} else {
if (count($errors) == 1) {
$message = "<div class=\"infobox_out\">There was 1 error in the form.<div>";
} else {
$message = "<div class=\"infobox_out\">There were " . count($errors) . " errors in the form.<div>";
}
}
} else { // Form has not been submitted.
if (isset($_GET['logout']) && $_GET['logout'] == 1) {
$message = "<div class=\"infobox\">You are now logged out.</div>";
echo "<a href=\"#\"><div class=\"infobox-close3\"></div></a>";
} else { // Form has not been submitted.
if (isset($_GET['logout']) && $_GET['logout'] == 5) {
$message = "<div class=\"infobox-noprofile2\"><strong>Account Banned -</strong> We could not log you in because your account's<br/> been banned. Contact us at: <a href=\"mailto:Support@PlaytimeBoys.com\">Support@admin.com</a>.</div>";
echo "<a href=\"#\"><div class=\"infobox-close12\"></div></a>";
} else { // Form has not been submitted.
if (isset($_GET['logout']) && $_GET['logout'] == 6) {
$message = "<div class=\"infobox-noprofile2\"><strong>Account Warning -</strong> You recently violated a condition in our User Policy. Due to this you are receiving this warning. If you continue to violate any policy<br/> your account will be banned. <a href=\"terms.php\">Review User Policy</a> and<br/>login when ready.</div>";
echo "<a href=\"#\"><div class=\"infobox-close12\"></div></a>";
} else { // Form has not been submitted.
if (isset($_GET['logout']) && $_GET['logout'] == 2) {
$message = "<div class=\"infobox_out\">Sorry, we've had to log you out. Your session has expired.</div>";
echo "<a href=\"#\"><div class=\"infobox-close2\"></div></a>";
} else { // Form has not been submitted.
if (isset($_GET['logout']) && $_GET['logout'] == 1) {
$message = "<div class=\"infobox\">You are now logged out.</div>";
echo "<a href=\"#\"><div class=\"infobox-close3\"></div></a>";
}
}
}
}
}
$email = "";
$password = "";
}
?>
<br/>
<?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
<form action="login.php" rel="shadowbox;height=300;width=500" method="post" >
<div class="row email">
<input type="email" id="email" name="email" placeholder="Email" value="<?php echo htmlentities($email); ?>" />
</div>
<div class="row password">
<input type="password" id="password" name="password" placeholder="Password" value="<?php echo htmlentities($email); ?>" />
</div>
<input type="submit" name="submit" value="Login >" />
</form>
<?php if (!empty($errors)) { display_errors($errors); } ?>