0

admin のユーザー名とパスワード admin を使用してユーザーをログインさせる基本システム用のスクリプトをオンラインでダウンロードしましたが、スクリプトにはログイン ページに小さなエラーがあり、宣言されていない変数があるようです。変数がフォームから宣言されていませんが、それを機能させる方法で宣言することはできません。フォーム入力から変数を宣言する方法が必要な$positionので、login.php でうまく機能します。エラーは次のとおりです。

注意: 未定義のインデックス: C:\Program Files\EasyPHP-5.3.3\www\preenrolmentsystem\login.php の 20 行目の位置

ソースには2つのページがあり、1つはlogin.php用で、もう1つはフォーム、つまりformform.php用です

ここにlogin.phpのソースがあります

<?php
//Start session
session_start();

//Connect to mysql server
include('connect.php');

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
    $str = @trim($str);
    if(get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    return mysql_real_escape_string($str);
}

//Sanitize the POST values
$login = clean($_POST['id']);
$password = clean($_POST['password']);
$position = clean($_POST['position']);
$result = mysql_query("SELECT * FROM user WHERE idnumber='$login' AND password='$password'");
while($row = mysql_fetch_array($result))
    {
    $position = $row['position'];
    }
if ($position=='admin')
{
    //Create query
    $qry="SELECT * FROM admin WHERE idnum='$login' AND password='$password'";
    $result=mysql_query($qry);
    //while($row = mysql_fetch_array($result))
//  {
//  $level=$row['position'];
//  }
    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) > 0) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['id'];
            session_write_close();
            //if ($level="admin"){
            header("location: admin/index.php");
            exit();
        }else {
            //Login failed
            header("location: loginform.php");
            exit();
        }
    }else {
        die("Query failed");
    }
}
if ($position=='student')
{
    //Create query
    $qry="SELECT * FROM prereg WHERE idnumber='$login' AND password='$password'";
    $result=mysql_query($qry);
    //while($row = mysql_fetch_array($result))
//  {
//  $level=$row['position'];
//  }
    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) > 0) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
            session_write_close();
            //if ($level="admin"){
            header("location: student/profile.php");
            exit();
        }else {
            //Login failed
            header("location: loginform.php");
            exit();
        }
    }else {
        die("Query failed");
    }
}
if ($position=='Casher')
{
    //Create query
    $qry="SELECT * FROM casher WHERE idnumber='$login' AND password='$password'";
    $result=mysql_query($qry);
    //while($row = mysql_fetch_array($result))
//  {
//  $level=$row['position'];
//  }
    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) > 0) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
            session_write_close();
            //if ($level="admin"){
            header("location: casher/index.php");
            exit();
        }else {
            //Login failed
            header("location: loginform.php");
            exit();
        }
    }else {
        die("Query failed");
    }
}
if ($position=='teacher')
{
    //Create query
    $qry="SELECT * FROM teacher WHERE idnumber='$login' AND password='$password'";
    $result=mysql_query($qry);
    //while($row = mysql_fetch_array($result))
//  {
//  $level=$row['position'];
//  }
    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) > 0) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
            session_write_close();
            //if ($level="admin"){
            header("location: teacher/index.php");
            exit();
        }else {
            //Login failed
            header("location: loginform.php");
            exit();
        }
    }else {
        die("Query failed");
    }
}

?>

および loginform.php

 <?php
    //Start session
    session_start();

    //Unset the variables stored in session
    unset($_SESSION['SESS_MEMBER_ID']);
    unset($_SESSION['SESS_FIRST_NAME']);
    unset($_SESSION['SESS_LAST_NAME']);
?>
<html>
<head>
<title>

</title>
<link rel="stylesheet" href="css/main.css" />
<style type="text/css">
<!--
.ed{
border-style:solid;
border-width:thin;
border-color:#00CCFF;
padding:5px;
margin-bottom: 4px;
}
#button1{
text-align:center;
font-family:Arial, Helvetica, sans-serif;
border-style:solid;
border-width:thin;
border-color:#00CCFF;
padding:5px;
background-color:#00CCFF;
height: 34px;
}
-->
</style>
</head>
<body>
    <div id="mainwrapper">
        <div id="header">
            <img src="images/amuni.jpg">
        </div>
        <div id="menu">
            <ul>
                <li>
                    <a href="index.php">Home</a>
                </li>
                <li>
                    <a href="loginform.php">Login</a>
                </li>
                <li>
                    <a href="pre_reg.php">Student Pre Registration</a>
                </li>
                <li>
                    <a href="aboutus.php">About Us</a>
                </li>
                <li>
                    <a href="help.php">Help</a>
                </li>
                <div class="clearfix"></div>
            </ul>
        </div>
        <div id="main" style="padding:20px; text-align:justify; font-family:arial;">

        <form action="login.php" method="post">
        I.D. Number<br>
        <input type="text" name="id" class="ed"><br>
        Password<br>
        <input type="password" name="password" class="ed"><br>
        <input type="submit" value="Login" id="button1">
        </form>
</div>
        <div id="footer">
        </div>
        <div class="clearfix"></div>
    </div>
</body>
</html>

任意の入力をいただければ幸いです

4

1 に答える 1

0

次のようなものを使用してみてください。

if (isset($_POST['position'])) {
    //do something with position
    $position = clean($_POST['position']));
} else {
    //position was not set, maybe give it a default value and use that
    $position = null;
}
于 2013-09-15T07:33:22.083 に答える