我正在使用AJAX HTTP请求将登录数据传递给我的php登录脚本。传递数据时,php 脚本在错误处理中检查用户名和密码变量后返回为空。我正在使用数据库中的有效登录详细信息。当用户使用 password_hash(( 注册时,密码已散列;方法,所以也许这就是问题所在?
这是登录 PHP 脚本:
<?php
session_start();
if ( isset( $_POST[ 'submit' ] ) ) {
//Establish DB Connection
include_once 'DBConnection.php';
//Store Username and Password from Login Form
$Username = mysqli_real_escape_string( $conn, $_POST[ 'Username' ] );
$Password = mysqli_real_escape_string( $conn, $_POST[ 'Password' ] );
//Error Handlers
//Check if inputs are empty
if ( empty( $Username ) || empty( $Password ) ) {
header( "Location: ../index.php?login=empty" );
exit();
} else {
$sql = "SELECT * FROM User WHERE Username='" . $Username . "'";
$result = mysqli_query( $conn, $sql );
$resultCheck = mysqli_num_rows( $result );
if ( $resultCheck < 1 ) {
header( "Location: ../index.php?login=error" );
exit();
} else {
if ( $row = mysqli_fetch_assoc( $result ) ) {
//Dehash Password
$hashedPasswordCheck = password_verify( $Password, $row[ 'Password' ] );
if ( $hashedPasswordCheck == false ) {
header( "Location: ../index.php?login=error" );
exit();
} elseif ( $hashedPasswordCheck == true ) {
//Log in user
$_SESSION[ 'u_id' ] = $row[ 'User_ID' ];
$_SESSION[ 'u_first' ] = $row[ 'Forename' ];
$_SESSION[ 'u_last' ] = $row[ 'Surname' ];
$_SESSION[ 'u_email' ] = $row[ 'Email' ];
$_SESSION[ 'u_user' ] = $row[ 'Username' ];
header( "Location: ../index.php?login=success" );
exit();
}
}
}
}
} else {
header( "Location: ../index.php?login=error" );
exit();
}
这是表单代码:
<form class="form" role="form" method="post" action="../Assets/SignIn.php" accept-charset="UTF-8" id="login-nav">
<div class="form-group">
<label class="sr-only" for="exampleInputEmail2">Email Address</label>
<input type="email" class="form-control" id="Username" placeholder="Email Address/Username" required>
</div>
<div class="form-group">
<label class="sr-only" for="exampleInputPassword2">Password</label>
<input type="password" class="form-control" id="Password" placeholder="Password" required>
<div class="help-block text-right"><a href="">Forgot Password?</a>
</div>
</div>
<div class="form-group">
<button type="submit" name="submit" class="btn btn-primary btn-block" onclick="ajax_Login()">Sign in</button>
</div>
<div class="checkbox">
<label>
<input type="checkbox"> keep me logged-in
</label>
</div>
</form>
这是 AJAX 请求:
function ajax_Login(){
"use strict";
//Create XMLHttpRequest object
var request = new XMLHttpRequest();
//Create variables to store data to be sent to PHP file
var url = "signIn.php";
var uname = document.getElementById("Username").value;
var pword = document.getElementById("Password").value;
var vars = "Username="+uname+"&Password="+pword;
request.open("POST", url, true);
//Set content type header info for sending url encoded variables in the request
request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
//Access the onreadystatechange event for XMLHttpRequest object
request.onreadystatechange = function(){
if(request.readyState === 4 && request.status === 200){
var return_data = request.responseText;
document.getElementById("status").innerHTML = return_data;
}
};
//Send data to PHP file
request.send(vars);
}
请检查您的提交按钮名称,因为未设置提交,这就是您收到错误的原因
当您提交 POST 方法表单时,它会向服务器发送 POST 请求,然后设置全局$_POST
。
让我们看一下您的代码:您使用isset( $_POST[ 'submit' ] )
来检查登录表单是否已提交。这意味着您必须有一个带有submit
名称的 HTML 表单元素(输入、复选框等(。如果没有,只需简单地检查isset($_POST)
即可查询数据库或继续工作。
<?php
if ( isset( $_POST ) ) {
session_start();
//Establish DB Connection
include_once 'DBConnection.php';
...
希望这个帮助