为什么密码输入错误却没有显示用户名和密码错误?
<?php
//1.创建数据库 id adminuser adminpass created_at login_at login_ip
//2.连接数据库 imooc_shop
require '../db.func.php';
require '../tools.func.php';
//POST提交
if(!empty($_POST['adminuser'])){
//3.判断用户名和密码是否正确
$prefix=getDBPrefix();
$adminuser=$_POST['adminuser'];
$adminpass=md5($_POST['adminpass']);
$sql="SELECT id,adminuser FROM {$prefix}admin
WHERE adminuser='$adminuser'
AND adminpass='$adminpass'";
$res=queryOne($sql);
if($res){
//4.写入session
setSession('admin',['adminuser'=>$adminuser,id=>$res['id']]);
$login_at=date('Y/m/d H:i:s');
$ip=$_SERVER['REMOTE_ADDR']=='::1'?'127.0.0.1':$_SERVER[ 'REMOTE_ADDR'];
$login_ip=ip2long($ip);
$sql="UPDATE{$prefix}admin SET login_at='$login_at ',login_ip='$login_ip'
WHERE id='{$res['id']}'";
execute($sql);
//5.跳转到index.php
header('location:index.php');
}else{
setInfo('用户名或者密码错误');
}
}
?>
<!doctype html>
<html>
<head>
<title>慕课商城</title>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" name="viewport" />
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<!-- Fonts and icons -->
<link rel="stylesheet" type="text/css" href="assets/css/googlefonts.css?family=Roboto:300,400,500,700|Roboto+Slab:400,700|Material+Icons" />
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css">
<!-- Material Kit CSS -->
<link href="assets/css/material-dashboard.css?v=2.1.1" rel="stylesheet" />
</head>
<body>
<?php if(getInfo()) echo hasInfo();?>
<div class="wrapper ">
<div>
<div>
<div class="container" style="width: 50%;margin-top: 250px;">
<div class="row">
<div class="col-md-12">
<div class="col-md-12">
<div class="card">
<div class="card-header card-header-primary">
<h4 class="card-title">登录</h4>
<p class="card-category">以管理员身份登录后台</p>
</div>
<div class="card-body">
<form action="login.php" method="post">
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label class="bmd-label-floating">用户名</label>
<input type="text" name="adminuser" class="form-control">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label class="bmd-label-floating">密码</label>
<input type="password" name="adminpass" class="form-control">
</div>
</div>
</div>
<button type="submit" class="btn btn-primary pull-right">登录</button>
<div class="clearfix"></div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<script src="assets/js/core/jquery.min.js"></script>
<script src="assets/js/core/popper.min.js"></script>
<script src="assets/js/core/bootstrap-material-design.min.js"></script>
</body>
</html>2
收起
正在回答
4回答
您好,输出提示信息的判断错误,应该为:另建议写到此处位置,不建议写在body开头。
祝学习愉快!
消除bug
2019-04-17 19:12:06
<?php
//[
// 'shop'=>[
// 'user'=>'zhansan',
// 'pass'=>'123'
// ]
// 'admin'=>[
// 'user'=>'wusan',
// 'pass'=>'456'
// ]
//]
function setSession($key,$data,$prefix=''){
session_id()||@session_start();
if(!empty($prefix)){
$_SESSION[$prefix][$key]=$data;
}else{
$_SESSION[$key]=$data;
}
}
function getSession($key,$prefix=''){
session_id() || @session_start();
if(!empty($prefix)){
return isset($_SESSION[$prefix][$key])?$_SESSION[$prefix][$key]:[];
}else{
return isset($_SESSION[$key])?$_SESSION[$key]:[];
}
}
function deleteSession($key,$prefix=''){
session_id()||@session_start();
if(!empty($prefix)){
$_SESSION[$prefix][$key]=null;
}else{
$_SESSION[$key]=null;
}
}
function setInfo($info){
setSession('info',$info,'system');
}
function getInfo(){
$info=getSession('info','system');
deleteSession('info','system');
return $info;
}
function hasInfo(){
return !empty(getSession('info','system'));
}
消除bug
2019-04-17 19:11:39
<?php
function connect(){
$config=require dirname(__FILE__).'/config.php';
$mysqli= @mysqli_connect(
$config['DB_HOST'].':'.$config['DB_PORT'],
$config['DB_USER'],
$config['DB_PASS'],
$config['DB_NAME']
)or die('Content-type:'.mysqli_connect_errno().mysqli_connect_error());
mysqli_set_charset($mysqli,$config['DB_CHARSET']);
return $mysqli;
}
function queryOne($sql){
$mysqli = connect();
$result = mysqli_query($mysqli,$sql);
$data = [];
if($result && mysqli_num_rows($result)>0){
$data=mysqli_fetch_assoc($result);
}
return $data;
}
function getDBPrefix(){
$config=require dirname(__FILE__).'/config.php';
return $config['DB_PREFIX'];
}
function execute($sql){
$mysqli=connect();
mysqli_query($mysqli,$sql);
return mysqli_affected_rows($mysqli)>0;
}相似问题
登录后可查看更多问答,登录/注册
PHP小白零基础入门
- 参与学习 人
- 提交作业 626 份
- 解答问题 4928 个
想要学好Web后端开发的中流砥柱语言,本阶段为你轻松铺就扎实的基础,从前端网页布局的搭建到后台PHP开发,助你从零基础到掌握主流开发语言。
了解课程
恭喜解决一个难题,获得1积分~
来为老师/同学的回答评分吧
0 星