メッセージを表示しようとしていますが、代わりにページ全体のコードが表示されます。ただし、これは登録時にのみ発生し、ログインで機能します。長いコードで申し訳ありませんが、機能する部分と機能しない部分の両方を含めたかったのです。
index.php:
<?php define('INCLUDE_CHECK',true); ?>
<?php require('members.php'); ?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="author" content="Corey Mason">
<meta charset="utf-8">
<title>Login</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="fluid960/reset.css" rel="stylesheet">
<link href="fluid960/grid.css" rel="stylesheet">
<link href="fluid960/text.css" rel="stylesheet">
<link href="styles.css" rel="stylesheet">
<script src="scripts/jquery/jquery.js"></script>
<script>
$(document).ready(function(){
$("#open").click(function(){
$("#register").fadeIn(500);
});
$("#close").click(function(){
$("#register").fadeOut(500);
});
$("#log").click(function(){
username=$("#username").val();
password=$("#password").val();
submit=$("#log").val();
$.ajax({
type: "POST",
url: "",
data: "submit="+submit+"&username="+username+"&password="+password,
success: function(response) {
if(response=='success') {
}
else {
$("#error-log").remove();
var error_msg = response;
$("#s-log").append('<div id="error-log" class="err welcome dismissible">'+error_msg+'</div>');
}
}
});
return false;
});
$("#reg").click(function(){
username=$("#username").val();
email=$("#email").val();
submit=$("#reg").val();
$.ajax({
type: "POST",
url: "",
data: "submit="+submit+"&username="+username+"&email="+email,
success: function(response) {
if(response==true) {
//display notification on login form
}
else {
$("#error-reg").remove();
var error_msg = response;
$("#s-reg").append('<div id="error-reg" class="err welcome dismissible">'+error_msg+'</div>');
}
}
});
return false;
});
});
</script>
</head>
<body>
<div id="pjax">
<div class="sign-box">
<div class="center">
<div class="main container_16 clearfix">
<form action="index.php">
<div id="s-log" class="section">
<div class="welcome dismissible"> <!-- make dismissible javascript -->
<strong>Welcome.</strong> Please enter your details to login.
</div>
</div>
<fieldset class="label_side top">
<label for="username">Username<span>or email address</span></label>
<div class="clearfix">
<input type="text" name="username" id="username">
</div>
</fieldset>
<fieldset class="label_side bottom">
<label for="password">Password<span><a href="#">Do you remember?</a></span></label>
<div class="clearfix">
<input type="password" name="password" id="password">
</div>
</fieldset>
<div class="button_bar clearfix">
<button id="log" type="submit" name="submit" value="Login">
<span>Login</span>
</button>
</div>
</form>
</div>
<button id="open" class="right" style="margin-top:10px;">
<span>Not Registered ?</span>
</button>
</div>
</div>
<div id="register" class="register-box" style="display:none;">
<form action="index.php">
<div id="s-reg" class="section">
</div>
<h2>Register</h2>
<div class="columns clearfix">
<div class="col_50">
<fieldset class="label_top top">
<label for="username">Username<span>Between 5 and 20 characters</span></label>
<div>
<input type="text" name="username" id="username" value="" />
</div>
</fieldset>
</div>
<div class="col_50">
<fieldset class="label_top top right">
<label for="">Name<span>so we know who you are</span></label>
<div>
<input type="text"> <!-- to do -->
</div>
</fieldset>
</div>
</div>
<div class="columns clearfix">
<div class="col_50">
<fieldset class="label_top">
<label for="email">Email</label>
<div>
<input type="text" name="email" id="email" />
</div>
</fieldset>
</div>
<div class="col_50">
<fieldset class="label_top right">
<label for="">Repeat Email</label>
<div>
<input type="text"> <!-- to do -->
</div>
</fieldset>
</div>
</div>
<fieldset class="label_side bottom">
<label>Password</label>
<div class="clearfix">
<label>A password will be e-mailed to you, this may be changed later.</label>
</div>
</fieldset>
<!-- edit -->
<div class="button_bar clearfix">
<button id="reg" type="submit" name="submit" value="Register">
<span>Register</span>
</button>
<button type="button" id="close" class="right">
<span>Cancel</span>
</button>
</div>
</form>
</div>
</div>
</body>
</html>
members.php
<?php if(!defined('INCLUDE_CHECK')) header("Location: ../index.php"); ?>
<?php
require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined
session_name('Login');
// Starting the session
session_set_cookie_params(7*24*60*60);
// Making the cookie live for 1 week
session_start();
if($_SESSION['id'] && !isset($_COOKIE['FRCteam3482Remember']) && !$_SESSION['rememberMe'])
{
// If you are logged in, but you don't have the FRCteam3482Remember cookie (browser restart)
// and you have not checked the rememberMe checkbox:
$_SESSION = array();
session_destroy();
// Destroy the session
}
if(isset($_GET['logoff']))
{
$_SESSION = array();
session_destroy();
header("Location: ../../index.php");
exit;
}
if($_POST['submit']=='Login')
{
// Checking whether the Login form has been submitted
$err = array();
// Will hold our errors
if(!$_POST['username'] || !$_POST['password'])
$err[] = 'All the fields must be filled in!';
if(!count($err))
{
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['rememberMe'] = (int)$_POST['rememberMe'];
// Escaping all input data
$row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));
if($row['usr'])
{
// If everything is OK login
$_SESSION['usr']=$row['usr'];
$_SESSION['id'] = $row['id'];
$_SESSION['rememberMe'] = $_POST['rememberMe'];
// Store some data in the session
setcookie('FRCteam3482Remember',$_POST['rememberMe']);
}
else $err[]='Wrong username and/or password!';
}
if($err) {
$_SESSION['msg']['login-err'] = implode('<br />',$err);
// Save the error messages in the session
echo $_SESSION['msg']['login-err'];
//php unset($_SESSION['msg']['login-err']);
//header("Location: index.php");
}
else {
echo 'success';
//header("Location: workspace/index.php");
}
exit;
}
else if($_POST['submit']=='Register')
{
// If the Register form has been submitted
$err = array();
if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32)
{
$err[]='Your username must be between 3 and 32 characters!';
}
if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
{
$err[]='Your username contains invalid characters!';
}
if(!checkEmail($_POST['email']))
{
$err[]='Your email is not valid!';
}
if(!count($err))
{
// If there are no errors
$pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6);
// Generate a random password
$_POST['email'] = mysql_real_escape_string($_POST['email']);
$_POST['username'] = mysql_real_escape_string($_POST['username']);
// Escape the input data
mysql_query(" INSERT INTO members(usr,pass,email,regIP,dt)
VALUES(
'".$_POST['username']."',
'".md5($pass)."',
'".$_POST['email']."',
'".$_SERVER['REMOTE_ADDR']."',
NOW()
)");
if(mysql_affected_rows($link)==1)
{
send_mail( 'FRC Team 3482',
$_POST['email'],
'FRC Team 3482 - Your Password',
'Your password is: '.$pass);
$_SESSION['msg']['reg-success']='We sent you an email with your password!';
echo 'success';
}
else $err[]='This username is already taken!';
}
if(count($err))
{
$_SESSION['msg']['reg-err'] = implode('<br />',$err);
echo $_SESSION['msg']['login-err'];
}
header("Location: index.php");
exit;
}
$script = '';
if($_SESSION['msg'])
{
// Nothing?
}
?>