-3
ログインを確認しようとすると、私はこのメールとパスワードが間違っていることを示しています。私は同じ電子メールとパスワードを入力しましたが、正常に動作していません。MySQLデータベースでスクリプトをチェックしているときに、エラーが間違った電子メールまたはパスワード
私は、ログイン登録フォームを作ってるんだけど、私は
Login.php Regestration.php<?php
session_start();
if(isset($_SESSION['usr_id'])) {
header("Location: index.php");
}
include_once 'db/connect_db.php';
//set validation error flag as false
$error = false;
//check if form is submitted
if (isset($_POST['signup'])) {
$name = mysqli_real_escape_string($conn, $_POST['name']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$cpassword = mysqli_real_escape_string($conn, $_POST['cpassword']);
//name can contain only alpha characters and space
if (!preg_match("/^[a-zA-Z ]+$/",$name)) {
$error = true;
$name_error = "Name must contain only alphabets and space";
}
if(!filter_var($email,FILTER_VALIDATE_EMAIL)) {
$error = true;
$email_error = "Please Enter Valid Email ID";
}
if(strlen($password) < 6) {
$error = true;
$password_error = "Password must be minimum of 6 characters";
}
if($password != $cpassword) {
$error = true;
$cpassword_error = "Password and Confirm Password doesn't match";
}
if (!$error) {
if(mysqli_query($conn, "INSERT INTO users(name,email,password) VALUES('" . $name . "', '" . $email . "', '" . md5($password) . "')")) {
$successmsg = "Successfully Registered! <a href='login.php'>Click here to Login</a>";
} else {
$errormsg = "Error in registering...Please try again later!";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link rel="shortcut icon" href="uploads/pix-favicon.ico">
<meta name="description" content="">
<meta name="keywords" content="">
<!-- CSS dependencies -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.css" />
<link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" />
<link rel="stylesheet" type="text/css" href="css/pix_style.css" />
<link rel="stylesheet" type="text/css" href="css/main.css"/>
<link rel="stylesheet" type="text/css" href="css/font-style.css" />
<link href="css/animations.min.css" rel="stylesheet" type="text/css" media="all" />
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="css/ie-fix.css" />
<![endif]-->
<title></title>
<style type="text/css" id="pix_page_style"></style>
</head>
<body><div class="pix_section pix_nav_menu pix_scroll_header normal pix-padding-v-10" data-scroll-bg="#fff" id="section_1">
<div class="container">
<div class="row">
<div class="col-md-10 col-xs-12 pix-inner-col col-sm-10 column ui-droppable">
<div class="pix-content">
<nav class="navbar navbar-default pix-no-margin-bottom pix-navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#pix-navbar-collapse" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand logo-img logo-img-a pix-adjust-height" href="#"><img src="images/main/logo-md.png" alt="OCMS" class="img-responsive pix-logo-img"></a>
</div>
<div class="collapse navbar-collapse" id="pix-navbar-collapse">
<ul class="nav navbar-nav navbar-right media-middle pix-header-nav pix-adjust-height" id="pix-header-nav">
<li class="dropdown"><a href="login.php" class="pix-slight-white">SignIn</a>
</li>
</ul>
</div>
</div>
</nav>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4 well">
<form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="signupform">
<fieldset>
<legend>Sign Up</legend>
<div class="form-group">
<label for="name">Name</label>
<input type="text" name="name" placeholder="Enter Full Name" required value="<?php if($error) echo $name; ?>" class="form-control" />
<span class="text-danger"><?php if (isset($name_error)) echo $name_error; ?></span>
</div>
<div class="form-group">
<label for="name">Email</label>
<input type="text" name="email" placeholder="Email" required value="<?php if($error) echo $email; ?>" class="form-control" />
<span class="text-danger"><?php if (isset($email_error)) echo $email_error; ?></span>
</div>
<div class="form-group">
<label for="name">Password</label>
<input type="password" name="password" placeholder="Password" required class="form-control" />
<span class="text-danger"><?php if (isset($password_error)) echo $password_error; ?></span>
</div>
<div class="form-group">
<label for="name">Confirm Password</label>
<input type="password" name="cpassword" placeholder="Confirm Password" required class="form-control" />
<span class="text-danger"><?php if (isset($cpassword_error)) echo $cpassword_error; ?></span>
</div>
<div class="form-group">
<input type="submit" name="signup" value="Sign Up" class="btn btn-primary" />
</div>
</fieldset>
</form>
<span class="text-success"><?php if (isset($successmsg)) { echo $successmsg; } ?></span>
<span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span>
</div>
</div>
<div class="row">
<div class="col-md-4 col-md-offset-4 text-center">
Already Registered? <a href="login.php">Login Here</a>
</div>
</div>
</div>
<div class="pix_section pix-padding-v-40" id="section_5">
<div class="container">
<div class="row">
<div class="col-md-7 col-xs-12 col-sm-7 column ui-droppable">
<div class="pix-content pix-padding-v-30">
<span class="pix-black-gray-light"><span class="pix_edit_text"><strong>OCMS</strong> Copyright © 2017 FIZ | All Rights Reserved</span></span>
</div>
</div>
<div class="col-md-5 col-xs-12 col-sm-5 column ui-droppable">
<div class="pix-content pix-padding-v-20 text-right">
<a href="#" class="small-social">
<i class="pixicon-facebook3 big-icon-50 pix-slight-white"></i>
</a>
<a href="#" class="small-social">
<i class="pixicon-twitter4 big-icon-50 pix-slight-white"></i>
</a>
<a href="#" class="small-social">
<i class="pixicon-instagram4 big-icon-50 pix-slight-white"></i>
</a>
</div>
</div>
</div>
</div>
</div>
<!-- Javascript -->
<script src="js/jquery-1.11.2.js"></script>
<script src="js/jquery-ui.js"></script>
<script src="js/bootstrap.js"></script>
<script src="js/velocity.min.js"></script>
<script src="js/velocity.ui.min.js"></script>
<script src="js/appear.min.js" type="text/javascript"></script>
<script src="js/animations.js" type="text/javascript"></script>
<script src="js/plugins.js" type="text/javascript"></script>
<script src="js/custom.js"></script>
</body>
</html>
ログインフォーム
に着いたとき、それが正常に動作していません
<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <link rel="shortcut icon" href="uploads/pix-favicon.ico"> <meta name="description" content=""> <meta name="keywords" content=""> <!-- CSS dependencies --> <link rel="stylesheet" type="text/css" href="css/bootstrap.css" /> <link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" /> <link rel="stylesheet" type="text/css" href="css/pix_style.css" /> <link rel="stylesheet" type="text/css" href="css/main.css"/> <link rel="stylesheet" type="text/css" href="css/font-style.css" /> <link href="css/animations.min.css" rel="stylesheet" type="text/css" media="all" /> <title>OCMS</title> <style type="text/css" id="pix_page_style"></style> </head> <body><div class="pix_section pix_nav_menu pix_scroll_header normal pix-padding-v-10" data-scroll-bg="#fff" id="section_1"> <div class="container"> <div class="row"> <div class="col-md-10 col-xs-12 pix-inner-col col-sm-10 column ui-droppable"> <div class="pix-content"> <nav class="navbar navbar-default pix-no-margin-bottom pix-navbar-default"> <div class="container-fluid"> <div class="navbar-header"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#pix-navbar-collapse" aria-expanded="false"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="navbar-brand logo-img logo-img-a pix-adjust-height" href="#"><img src="images/main/logo-md.png" alt="OCMS" class="img-responsive pix-logo-img"></a> </div> <div class="collapse navbar-collapse" id="navbar1"> <ul class="nav navbar-nav navbar-right"> <?php if (isset($_SESSION['usr_id'])) { ?> <li><p class="navbar-text">Signed in as <?php echo $_SESSION['usr_name']; ?></p></li> <li><a href="logout.php">Log Out</a></li> <?php } else { ?> <li><a href="login.php">Login</a></li> <li><a href="register.php">Sign Up</a></li> <?php } ?> </ul> </div> </div> </nav> </div> </div> </div> </div> </div> <div class="container"> <div class="row"> <div class="col-md-4 col-md-offset-4 well"> <form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="loginform"> <fieldset> <legend>Login</legend> <div class="form-group"> <label for="name">Email</label> <input type="text" name="email" placeholder="Your Email" required class="form-control" /> </div> <div class="form-group"> <label for="name">Password</label> <input type="password" name="password" placeholder="Your Password" required class="form-control" /> </div> <div class="form-group"> <input type="submit" name="login" value="Login" class="btn btn-primary" /> </div> </fieldset> </form> <span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span> </div> </div> <div class="row"> <div class="col-md-4 col-md-offset-4 text-center"> New User? <a href="register.php">Sign Up Here</a> </div> </div> </div> <div class="pix_section pix-padding-v-40" id="section_5"> <div class="container"> <div class="row"> <div class="col-md-7 col-xs-12 col-sm-7 column ui-droppable"> <div class="pix-content pix-padding-v-30"> <span class="pix-black-gray-light"><span class="pix_edit_text"><strong>OCMS</strong> Copyright © 2017 FIZ | All Rights Reserved</span></span> </div> </div> <div class="col-md-5 col-xs-12 col-sm-5 column ui-droppable"> <div class="pix-content pix-padding-v-20 text-right"> <a href="#" class="small-social"> <i class="pixicon-facebook3 big-icon-50 pix-slight-white"></i> </a> <a href="#" class="small-social"> <i class="pixicon-twitter4 big-icon-50 pix-slight-white"></i> </a> <a href="#" class="small-social"> <i class="pixicon-instagram4 big-icon-50 pix-slight-white"></i> </a> </div> </div> </div> </div> </div> <!-- Javascript --> <script src="js/jquery-1.11.2.js"></script> <script src="js/jquery-ui.js"></script> <script src="js/bootstrap.js"></script> <script src="js/velocity.min.js"></script> <script src="js/velocity.ui.min.js"></script> <script src="js/appear.min.js" type="text/javascript"></script> <script src="js/animations.js" type="text/javascript"></script> <script src="js/plugins.js" type="text/javascript"></script> <script src="js/custom.js"></script> </body> </html>
SQLインジェクションを防ぐために 'real_escape_string()'関数に頼らないでください。[それらだけでは十分ではありません](https://stackoverflow.com/questions/5741187/sql-injection-that-gets-around- mysql-real-escape-string)を実行します。あなたは[** mysqli **](https://secure.php.net/manual/en/mysqli.prepare.php)または[** PDO **](https ://secure.php.net/manual/en/pdo.prepared-statements.php)ドライバ。 [**この記事**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)には、いくつかの良い例があります。 –
MD5はセキュリティ上の理由から壊れていると見なされ、パスワードハッシュでは不十分です。 ['password_hash()'](http://us3.php.net/manual/en/function.password-hash.php)と['password_verify()'](http://us3.php.net/ manual/en/function.password-verify.php)を使用してください。 5.5より前のバージョンのPHPを使用している場合は、[この互換性パック](https://github.com/ircmaxell/password_compat)を使用できます。 –
**警告**:独自のアクセス制御レイヤーを作成するのは簡単ではなく、間違った操作をする機会がたくさんあります。 [Laravel](http://laravel.com/)のような最新の[開発フレームワーク](http://codegeekz.com/best-php-frameworks-for-developers/)がある場合は、独自の認証システムを作成しないでください。強力な[認証システム](https://laravel.com/docs/master/authentication)が組み込まれています。 – tadman