3 Answers

This user has contributed 2019 experience points and received over 9 upvotes
<?php
// The session has to be started before $_SESSION is written to below
session_start();

$uid = $_POST['uid'] ?? '';
$pwd = $_POST['pwd'] ?? '';
if ($uid == null){
    header("Location: ../index.php?message=ERROR 001 - Username or Password can not be blank!");
    exit();
}
if ($pwd == null){
    header("Location: ../index.php?message=ERROR 001 - Username or Password can not be blank!");
    exit();
}
$pass = null; // stays null when no row matches the username
if ($stmt = $link->prepare("SELECT password FROM users WHERE username=?")) {
    $stmt->bind_param("s", $uid);
    $stmt->execute();
    $stmt->bind_result($pass);
    $stmt->fetch();
    $stmt->close();
}
if (!$stmt) {
    header("Location: ../index.php?message=ERROR 003 - Connection to the database could not be established!");
    exit();
}
$hash_pwd = $pass;
// An unknown user (no stored hash) fails; hash_equals() compares in constant time
// instead of the ==, which would leak timing information about the stored hash
if ($hash_pwd !== null && hash_equals($hash_pwd, crypt($pwd, $hash_pwd))){
    $decrypt = 1;
}else{
    $decrypt = 0;
}
if ($decrypt == 0){
    include ("false.html");
    exit();
} else {
    // Bind the username as well; interpolating $uid into the SQL string
    // would reopen the SQL injection the first query just closed
    $stmt = $link->prepare("SELECT id FROM users WHERE username=? AND password=?");
    $stmt->bind_param("ss", $uid, $hash_pwd);
    $stmt->execute();
    $stmt->bind_result($id);
    $stmt->fetch();
    $stmt->close();
    $_SESSION['id'] = $id;
    include ("true.html");
}
This should work better. You will have to change the relevant database details. I have started a session variable that stores the ID for you.

This user has contributed 1865 experience points and received over 7 upvotes
I want to open (true.php) or (false.php) when the data is checked.
I think what you have here is a common beginner's oversight, because at the moment you only check whether the data is correct and do not handle anything else. I have commented the code below to show what I mean.
//if there is at least 1 result then check the data, otherwise include false
if ($resultCheck > 0) {
    //while we go through the results, check each one
    while($row = mysqli_fetch_assoc($result)){
        //if the username and password match, include true.html
        //however you don't break out of the loop, you keep checking;
        //once you have decided to include true you should use break;
        if ($row['username'] == $username && $row['password'] == $password) {
            include("true.html");
        }
        //otherwise do what? this should say else include false, and then should probably break out of the loop here as the
        //this will not fall through into the else block below, as that is based on the parent condition,
        //so you will never include a false in this loop - only if there were 0 rows to begin with
        //this means that eventually, whenever our loop finishes, we will skip
        //down to the next executable line, which is marked with !!!
    }
}else {
    include("false.html");
}
//!!!
Your code has some other obvious problems. For example, you appear to be storing passwords in the database in plain text; they should be hashed and verified, so you can never just check password row == input. I suggest googling the PHP functions password_hash and password_verify.
You also should not be using a while loop. In your login system you must have a unique username and password combination, so you should only ever get back 1 row. If you have more than 1 row, how do you confirm who they are? So you should use the mysqli equivalent of pdo->fetch() (I don't know it offhand, because I only use PDO).
Which brings me to the fact that you should be using prepared statements to combat SQL injection. At the moment this login system could easily be used to give someone full access to all the usernames and passwords stored in plain text.
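Putting the points from the two answers above together (prepared statements, a single fetch instead of a while loop, password_hash/password_verify, and only writing the session once a login has actually succeeded), here is an added example of a complete login check. It is not code from the question or from either answer. It assumes PHP 7.0 or later with PDO and the pdo_sqlite extension; the in-memory SQLite database, the users table, the sample user "alice" and the page names true.php/false.php are constructed for the demo, and mysqli users would swap the PDO calls for prepare()/bind_param()/fetch() as in the first answer.

```php
<?php
// Added example, not from the original question or answers.
// Assumes PHP >= 7.0 with PDO + pdo_sqlite; the database and sample user are constructed here.
declare(strict_types=1);

function registerUser(PDO $db, string $username, string $password): void
{
    // Store only the hash. password_hash() picks a random salt and the bcrypt cost for you.
    $stmt = $db->prepare('INSERT INTO users (username, password) VALUES (:u, :p)');
    $stmt->execute([':u' => $username, ':p' => password_hash($password, PASSWORD_DEFAULT)]);
}

// Returns the user id on success, null on any failure. The caller never sees the stored hash.
function authenticate(PDO $db, string $username, string $password): ?int
{
    // A hash for a password nobody has, so an unknown username still costs one
    // password_verify() call. Otherwise the fast "no such user" path leaks valid
    // usernames through response timing.
    static $dummyHash = null;
    if ($dummyHash === null) {
        $dummyHash = password_hash('not-a-real-password', PASSWORD_DEFAULT);
    }

    // Parameter binding keeps the username out of the SQL text, so input such as
    // "' OR '1'='1" is just a username that does not exist.
    $stmt = $db->prepare('SELECT id, password FROM users WHERE username = :u LIMIT 1');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);   // exactly one row or false; no while loop

    if ($row === false) {
        password_verify($password, $dummyHash);   // burn the same time, then fail
        return null;
    }
    // password_verify() re-hashes with the salt/cost embedded in the stored hash
    // and compares in constant time; never compare hashes with == yourself.
    if (!password_verify($password, $row['password'])) {
        return null;
    }
    return (int) $row['id'];
}

// Decides which page the login handler should include, mirroring the
// true.php/false.php split from the question (names assumed).
function loginDecision(PDO $db, string $username, string $password): string
{
    if ($username === '' || $password === '') {
        return '../index.php?message=ERROR 001 - Username or Password can not be blank!';
    }
    $id = authenticate($db, $username, $password);
    if ($id === null) {
        return 'false.php';
    }
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    // Fresh session id on privilege change blocks session fixation.
    session_regenerate_id(true);
    $_SESSION['id'] = $id;
    return 'true.php';
}

// --- demo with a constructed in-memory database ---
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    username TEXT NOT NULL UNIQUE,
    password TEXT NOT NULL
)');
registerUser($db, 'alice', 'correct horse battery staple');

$attempts = [
    ['alice', 'correct horse battery staple'],   // valid credentials
    ['alice', 'wrong password'],                 // wrong password
    ["' OR '1'='1", 'anything'],                 // classic injection payload, now harmless
    ['', 'anything'],                            // blank username
];
foreach ($attempts as [$u, $p]) {
    printf("%-22s -> %s\n", var_export($u, true), loginDecision($db, $u, $p));
}
```

With mysqli the same shape applies: prepare("SELECT id, password FROM users WHERE username=? LIMIT 1"), bind_param("s", $username), execute(), bind_result($id, $hash), one fetch(), then password_verify(). The only thing the handler ever writes to the session is the id, and only after password_verify() has returned true.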

This user has contributed 1818 experience points and received over 7 upvotes
I would rename the HTML files to PHP.
Is this actually your code? Just checking, because it makes a difference whether the file is a remote URL.
You are using a while loop to include an HTML file that will only ever produce 1 result. There are better ways to do this, but whether or not this works, it is not the problem. Are there any errors?
Try
include './true.php';
instead of
include ("true.html");