2017-12-11 11 views
-3

ログインを確認しようとすると、私はこのメールとパスワードが間違っていることを示しています。私は同じ電子メールとパスワードを入力しましたが、正常に動作していません。MySQLデータベースでスクリプトをチェックしているときに、エラーが間違った電子メールまたはパスワード

私は、ログイン登録フォームを作ってるんだけど、私は

Login.php Regestration.php

<?php 
session_start(); 

if(isset($_SESSION['usr_id'])) { 
    header("Location: index.php"); 
} 

include_once 'db/connect_db.php'; 

//set validation error flag as false 
$error = false; 

//check if form is submitted 
if (isset($_POST['signup'])) { 
    $name = mysqli_real_escape_string($conn, $_POST['name']); 
    $email = mysqli_real_escape_string($conn, $_POST['email']); 
    $password = mysqli_real_escape_string($conn, $_POST['password']); 
    $cpassword = mysqli_real_escape_string($conn, $_POST['cpassword']); 

    //name can contain only alpha characters and space 
    if (!preg_match("/^[a-zA-Z ]+$/",$name)) { 
    $error = true; 
    $name_error = "Name must contain only alphabets and space"; 
    } 
    if(!filter_var($email,FILTER_VALIDATE_EMAIL)) { 
    $error = true; 
    $email_error = "Please Enter Valid Email ID"; 
    } 
    if(strlen($password) < 6) { 
    $error = true; 
    $password_error = "Password must be minimum of 6 characters"; 
    } 
    if($password != $cpassword) { 
    $error = true; 
    $cpassword_error = "Password and Confirm Password doesn't match"; 
    } 
    if (!$error) { 
    if(mysqli_query($conn, "INSERT INTO users(name,email,password) VALUES('" . $name . "', '" . $email . "', '" . md5($password) . "')")) { 
     $successmsg = "Successfully Registered! <a href='login.php'>Click here to Login</a>"; 
    } else { 
     $errormsg = "Error in registering...Please try again later!"; 
    } 
    } 
} 
?> 

<!DOCTYPE html> 
<html> 
<head> 
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 
    <link rel="shortcut icon" href="uploads/pix-favicon.ico"> 
    <meta name="description" content=""> 
    <meta name="keywords" content=""> 
    <!-- CSS dependencies --> 
    <link rel="stylesheet" type="text/css" href="css/bootstrap.css" /> 
    <link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" /> 
    <link rel="stylesheet" type="text/css" href="css/pix_style.css" /> 
    <link rel="stylesheet" type="text/css" href="css/main.css"/> 
    <link rel="stylesheet" type="text/css" href="css/font-style.css" /> 
    <link href="css/animations.min.css" rel="stylesheet" type="text/css" media="all" /> 
    <!--[if IE]> 
    <link rel="stylesheet" type="text/css" href="css/ie-fix.css" /> 
    <![endif]--> 
    <title></title> 
    <style type="text/css" id="pix_page_style"></style> 
</head> 
<body><div class="pix_section pix_nav_menu pix_scroll_header normal pix-padding-v-10" data-scroll-bg="#fff" id="section_1"> 
    <div class="container"> 
    <div class="row"> 
    <div class="col-md-10 col-xs-12 pix-inner-col col-sm-10 column ui-droppable"> 
    <div class="pix-content"> 
     <nav class="navbar navbar-default pix-no-margin-bottom pix-navbar-default"> 
     <div class="container-fluid"> 
     <div class="navbar-header"> 
     <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#pix-navbar-collapse" aria-expanded="false"> 
      <span class="sr-only">Toggle navigation</span> 
      <span class="icon-bar"></span> 
      <span class="icon-bar"></span> 
      <span class="icon-bar"></span> 
     </button> 
     <a class="navbar-brand logo-img logo-img-a pix-adjust-height" href="#"><img src="images/main/logo-md.png" alt="OCMS" class="img-responsive pix-logo-img"></a> 
     </div> 
     <div class="collapse navbar-collapse" id="pix-navbar-collapse"> 
     <ul class="nav navbar-nav navbar-right media-middle pix-header-nav pix-adjust-height" id="pix-header-nav"> 
      <li class="dropdown"><a href="login.php" class="pix-slight-white">SignIn</a> 
      </li> 
     </ul> 
     </div> 
     </div> 
     </nav> 
    </div> 
    </div> 
    </div> 
    </div> 
</div> 
<div class="container"> 
    <div class="row"> 
    <div class="col-md-4 col-md-offset-4 well"> 
     <form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="signupform"> 
     <fieldset> 
      <legend>Sign Up</legend> 

      <div class="form-group"> 
      <label for="name">Name</label> 
      <input type="text" name="name" placeholder="Enter Full Name" required value="<?php if($error) echo $name; ?>" class="form-control" /> 
      <span class="text-danger"><?php if (isset($name_error)) echo $name_error; ?></span> 
      </div> 

      <div class="form-group"> 
      <label for="name">Email</label> 
      <input type="text" name="email" placeholder="Email" required value="<?php if($error) echo $email; ?>" class="form-control" /> 
      <span class="text-danger"><?php if (isset($email_error)) echo $email_error; ?></span> 
      </div> 

      <div class="form-group"> 
      <label for="name">Password</label> 
      <input type="password" name="password" placeholder="Password" required class="form-control" /> 
      <span class="text-danger"><?php if (isset($password_error)) echo $password_error; ?></span> 
      </div> 

      <div class="form-group"> 
      <label for="name">Confirm Password</label> 
      <input type="password" name="cpassword" placeholder="Confirm Password" required class="form-control" /> 
      <span class="text-danger"><?php if (isset($cpassword_error)) echo $cpassword_error; ?></span> 
      </div> 

      <div class="form-group"> 
      <input type="submit" name="signup" value="Sign Up" class="btn btn-primary" /> 
      </div> 
     </fieldset> 
     </form> 
     <span class="text-success"><?php if (isset($successmsg)) { echo $successmsg; } ?></span> 
     <span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span> 
    </div> 
    </div> 
    <div class="row"> 
    <div class="col-md-4 col-md-offset-4 text-center"> 
    Already Registered? <a href="login.php">Login Here</a> 
    </div> 
    </div> 
</div> 
<div class="pix_section pix-padding-v-40" id="section_5"> 
    <div class="container"> 
    <div class="row"> 
    <div class="col-md-7 col-xs-12 col-sm-7 column ui-droppable"> 
    <div class="pix-content pix-padding-v-30"> 
     <span class="pix-black-gray-light"><span class="pix_edit_text"><strong>OCMS</strong> Copyright © 2017 FIZ | All Rights Reserved</span></span> 
    </div> 
    </div> 
    <div class="col-md-5 col-xs-12 col-sm-5 column ui-droppable"> 
    <div class="pix-content pix-padding-v-20 text-right"> 
     <a href="#" class="small-social"> 
     <i class="pixicon-facebook3 big-icon-50 pix-slight-white"></i> 
     </a> 
     <a href="#" class="small-social"> 
     <i class="pixicon-twitter4 big-icon-50 pix-slight-white"></i> 
     </a> 
     <a href="#" class="small-social"> 
     <i class="pixicon-instagram4 big-icon-50 pix-slight-white"></i> 
     </a> 
    </div> 
    </div> 
    </div> 
    </div> 
</div> 
<!-- Javascript --> 
<script src="js/jquery-1.11.2.js"></script> 
<script src="js/jquery-ui.js"></script> 
<script src="js/bootstrap.js"></script> 
<script src="js/velocity.min.js"></script> 
<script src="js/velocity.ui.min.js"></script> 
<script src="js/appear.min.js" type="text/javascript"></script> 
<script src="js/animations.js" type="text/javascript"></script> 
<script src="js/plugins.js" type="text/javascript"></script> 
<script src="js/custom.js"></script> 
</body> 
</html> 

ログインフォーム

に着いたとき、それが正常に動作していません

<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <link rel="shortcut icon" href="uploads/pix-favicon.ico"> <meta name="description" content=""> <meta name="keywords" content=""> <!-- CSS dependencies --> <link rel="stylesheet" type="text/css" href="css/bootstrap.css" /> <link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" /> <link rel="stylesheet" type="text/css" href="css/pix_style.css" /> <link rel="stylesheet" type="text/css" href="css/main.css"/> <link rel="stylesheet" type="text/css" href="css/font-style.css" /> <link href="css/animations.min.css" rel="stylesheet" type="text/css" media="all" /> <title>OCMS</title> <style type="text/css" id="pix_page_style"></style> </head> <body><div class="pix_section pix_nav_menu pix_scroll_header normal pix-padding-v-10" data-scroll-bg="#fff" id="section_1"> <div class="container"> <div class="row"> <div class="col-md-10 col-xs-12 pix-inner-col col-sm-10 column ui-droppable"> <div class="pix-content"> <nav class="navbar navbar-default pix-no-margin-bottom pix-navbar-default"> <div class="container-fluid"> <div class="navbar-header"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#pix-navbar-collapse" aria-expanded="false"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="navbar-brand logo-img logo-img-a pix-adjust-height" href="#"><img src="images/main/logo-md.png" alt="OCMS" class="img-responsive pix-logo-img"></a> </div> <div class="collapse navbar-collapse" id="navbar1"> <ul class="nav navbar-nav navbar-right"> <?php if (isset($_SESSION['usr_id'])) { ?> <li><p class="navbar-text">Signed in as <?php echo $_SESSION['usr_name']; ?></p></li> <li><a href="logout.php">Log Out</a></li> <?php } else { ?> <li><a href="login.php">Login</a></li> <li><a href="register.php">Sign Up</a></li> <?php } ?> </ul> </div> </div> </nav> </div> </div> </div> </div> </div> <div class="container"> <div class="row"> <div class="col-md-4 col-md-offset-4 well"> <form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="loginform"> <fieldset> <legend>Login</legend> <div class="form-group"> <label for="name">Email</label> <input type="text" name="email" placeholder="Your Email" required class="form-control" /> </div> <div class="form-group"> <label for="name">Password</label> <input type="password" name="password" placeholder="Your Password" required class="form-control" /> </div> <div class="form-group"> <input type="submit" name="login" value="Login" class="btn btn-primary" /> </div> </fieldset> </form> <span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span> </div> </div> <div class="row"> <div class="col-md-4 col-md-offset-4 text-center"> New User? <a href="register.php">Sign Up Here</a> </div> </div> </div> <div class="pix_section pix-padding-v-40" id="section_5"> <div class="container"> <div class="row"> <div class="col-md-7 col-xs-12 col-sm-7 column ui-droppable"> <div class="pix-content pix-padding-v-30"> <span class="pix-black-gray-light"><span class="pix_edit_text"><strong>OCMS</strong> Copyright © 2017 FIZ | All Rights Reserved</span></span> </div> </div> <div class="col-md-5 col-xs-12 col-sm-5 column ui-droppable"> <div class="pix-content pix-padding-v-20 text-right"> <a href="#" class="small-social"> <i class="pixicon-facebook3 big-icon-50 pix-slight-white"></i> </a> <a href="#" class="small-social"> <i class="pixicon-twitter4 big-icon-50 pix-slight-white"></i> </a> <a href="#" class="small-social"> <i class="pixicon-instagram4 big-icon-50 pix-slight-white"></i> </a> </div> </div> </div> </div> </div> <!-- Javascript --> <script src="js/jquery-1.11.2.js"></script> <script src="js/jquery-ui.js"></script> <script src="js/bootstrap.js"></script> <script src="js/velocity.min.js"></script> <script src="js/velocity.ui.min.js"></script> <script src="js/appear.min.js" type="text/javascript"></script> <script src="js/animations.js" type="text/javascript"></script> <script src="js/plugins.js" type="text/javascript"></script> <script src="js/custom.js"></script> </body> </html> 
+1

SQLインジェクションを防ぐために 'real_escape_string()'関数に頼らないでください。[それらだけでは十分ではありません](https://stackoverflow.com/questions/5741187/sql-injection-that-gets-around- mysql-real-escape-string)を実行します。あなたは[** mysqli **](https://secure.php.net/manual/en/mysqli.prepare.php)または[** PDO **](https ://secure.php.net/manual/en/pdo.prepared-statements.php)ドライバ。 [**この記事**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)には、いくつかの良い例があります。 –

+1

MD5はセキュリティ上の理由から壊れていると見なされ、パスワードハッシュでは不十分です。 ['password_hash()'](http://us3.php.net/manual/en/function.password-hash.php)と['password_verify()'](http://us3.php.net/ manual/en/function.password-verify.php)を使用してください。 5.5より前のバージョンのPHPを使用している場合は、[この互換性パック](https://github.com/ircmaxell/password_compat)を使用できます。 –

+0

**警告**:独自のアクセス制御レイヤーを作成するのは簡単ではなく、間違った操作をする機会がたくさんあります。 [Laravel](http://laravel.com/)のような最新の[開発フレームワーク](http://codegeekz.com/best-php-frameworks-for-developers/)がある場合は、独自の認証システムを作成しないでください。強力な[認証システム](https://laravel.com/docs/master/authentication)が組み込まれています。 – tadman

答えて

1

"Login.php"内のデータを検索しようとします。あなたのfromアクションはPHPコードを実行していないため、何も起こりません。

指定したユーザー名とパスワードの組み合わせを検索し、ログインしようとしているユーザーの入力と比較するデータベースクエリを追加することをお勧めします。

関連する問題