我正在尝试为我的简历制作一个简单的网页,任何想要查看我的简历的人都会注册,然后在首页使用用户名和密码登录(是的,这很愚蠢,但它仅适用于一个简单的项目,我不打算让它成为那个)。问题是,当我将这些HTML和PHP文件上传到在线服务器时,页面不起作用或注册登录名,即使它应该工作。
我总共有 8 个文件处理登录系统和主页。 第一个文件是头文件,其中包含主页的HTML代码和几行PHP代码,这些代码处理session_start登录和if-else语句,该语句主持在登录会话中维护用户。它非常混乱,我的HTML编码很糟糕,所以有很多多余的代码行用于我不使用的按钮和列表,但一旦我想出其他所有内容,就计划使用。
第二个文件是索引.php。该文件在开头和结尾包含两行PHP代码,需要"页眉.php"和"页脚.php"。介于两者之间的是代码,它基本上会为用户提供一条消息,无论他们是登录还是注销。
第三个文件是页脚.php。这正是它,一个简单的页脚文件,带有结束页脚和 HTML 标签,仅此而已。
第四个文件是注册.php。同样,就像index.php一样,它在开头和结尾包含代码行"require = 'header.php'"和"require = 'footer.php'"。介于两者之间的是带有一堆 if-elseif-else 的代码,用于处理用户是否在字段中输入字符以及出现问题时导致的错误。
最后四个文件是位于根目录中的"看不见"文件夹中并处理后台任务的文件。
第五个文件是"loginunseen.php"。此文件处理登录内容。
第六个文件是"注册看不见.php"。此文件处理注册内容,并检查数据库中是否有重复项。
第七个文件是"logoutunseen.php"。这是一个小文件,它通过几个 session_x() 将用户从会话中"注销"出来;语句。
第八个文件是"数据库处理程序看不见.php"。此文件执行登录到存储用户信息的主SQL数据库。当我在本地使用时,我更改了用户名、密码和数据库以在本地服务器上使用,但是当我将其上传到具有与我使用的不同密码、用户名和数据库的联机服务器时,我确保更改变量。
最后,在MySQL中,我正在使用一个名为"users"的数据库,其中条目为"idUsers int(11) PRIMARY_KEY AUTO_INCREMENT NOT NULL","usernameUsers TINYTEXT NOT NULL","emailUsers TINYTEXT NOT NULL","passwordUsers LONGTEXT not NULL">
我使用 CSS 文件来设置网站的样式,但这并不重要。
******标头.php*******
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Read about me!</title>
<link href="sitelook.css" rel="stylesheet" type="text/css">
</head>
<body>
<header>
<nav>
<div class="row">
<div class="logo">
<img src="logo1.png">
</div>
<ul class="main-nav">
<li class="active"><a href=""> Sign in </a></li>
<li><a href=""> About </a></li>
<li><a href=""> FAQ </a></li>
<li><a href=""> Log Out </a></li>
</ul>
</div>
<div class ="header-login">
<?php
if (isset($_SESSION['userID'])){
echo '<form action="unseen/logoutunseen.php" method="post">
<button type="submit" name="logout-submit">Logout</button>
</form>';
} else {
echo '<form action="unseen/loginunseen.php" method="post">
<input type="text" name="mailuid" placeholder="username">
<input type="password" name="pwd" placeholder="password">
<button type="submit" name="login-submit">Login</button>
</form>';
}
?>
<a href="signup.php" class="header-signup">Sign up</a>
</div>
<div class="hero">
<h1>Want to read my bio? Login!</h1>
<div class="button">
<a href="" class="btn btn-one"> Log in</a>
</div>
</div>
</nav>
</header>
******索引.php*******
<?php
require "header.php";
?>
<main>
<div class="wrapper-main">
<section class="section-default">
<?php
if (isset($_SESSION['userID'])){
echo '<p class="login-status">Logged in!</p>';
} else {
echo '<p class="logout-status">Logged out!</p>';
}
?>
</section>
</div>
</main>
<?php
require "footer.php";
?>
****.php**
?php
require "header.php";
?>
//in form class, check unseen/signup.php
<main>
<div class="wrapper-main">
<section class="section-default">
<h1>Sign up to read my bio!</h1>
<?php
if (isset($_GET['error'])){
if($_GET['error'] == "emptyfields"){
echo '<p class="signuperror">Fill in the fields</p>';
} elseif ($_GET['error'] == "invaliduidmail"){
echo '<p class="signuperror">Invalid username and email</p>';
} elseif ($_GET['error'] == "invaliduid"){
echo '<p class="signuperror">Invalid username</p>';
} elseif ($_GET['error'] == "invalidmail"){
echo '<p class="signuperror">Invalid email</p>';
} elseif ($_GET['error'] == "usertaken"){
echo '<p class="signuperror">Username taken</p>';
}
} elseif ($_GET['success'] == "signup"){ //success=signup
echo '<p class="signupsuccess">You are signed!</p>';
}
?>
<form class="form-signup" action="unseen/signupunseen.php" method="post">
<input type="text" name="uid" placeholder="username">
<input type="text" name="mail" placeholder="email">
<input type="password" name="pwd" placeholder="password">
<button type="submit" name="signup-submit">Signup</button>
</form>
</section>
</div>
</main>
<?php
require "footer.php";
?>
******页脚.php*******
<footer>
</footer>
</body>
</html>
******登录未见过.php*******
<?php
if (isset($_POST['login-submit'])) { //in require 'databasehandlerunseen.php check if path file is correct
require 'unseen/databasehandlerunseen.php';
$mailuserid = $_POST['mailuid'];
$password = $_POST['pwd'];
if (empty($mailuserid) || empty($password)) {
header("Location: ../index.php?error=emptyfields");
exit();
} else { //checks if the user's password inputted is correct or in the database
$sql = "SELECT * FROM users WHERE usernameUsers=? or emailUsers=?;";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)){
header("Location: ../index.php?error=sqlerror");
exit();
} else{
mysqli_stmt_bind_param($stmt, "ss", $mailuserid, $mailuserid);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)){
$passCheck = password_verify($password, $row['passwordUsers']);
if ($passCheck == FALSE){
header("Location: ../index.php?error=wrongpassword");
exit();
} elseif ($passCheck == TRUE){
session_start();
$_SESSION['userID'] = $row['idUsers'];
$_SESSION['userUserID'] = $row['usernameUsers'];
header("Location: ../index.php?login=successpass");
exit();
}
else {
header("Location: ../index.php?error=wrongpassword");
exit();
}
} else {
header("Location: ../index.php?error=nouser");
exit();
}
}
}
}
else {
header("Location: ../signup.php");
exit();
}
?>
**********注册未见.php******
<?php
if (isset($_POST['signup-submit'])) {
require 'unseen/databasehandlerunseen.php';
//now to fetch information from form. Use 'uid', 'mail', 'pwd' from signup.php
$username = $_POST['uid'];
$email = $_POST['mail'];
$password = $_POST['pwd'];
//error handlers to check if user inputted correct info
//check if fields are empty
if (empty($username) || empty($email) || empty($password)) {
header("Location: ../signup.php?error=emptyfields&uid=" . $username . "&email=" . $email);
exit();
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $username)) {
header("Location: ../signup.php?error=invalidmail&uid");
exit();
} //checks for invalid email
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?error=invalidmail&uid=".$username);
exit();
} elseif (!preg_match("/^[a-zA-Z0-9]*$/", $username)) {
header("Location: ../signup.php?error=invaliduid&mail=".$email);
exit();
} // This else statement checks if user signs in with a username already taken
else {
// MySQL query statement, make sure entries are correct
// Must use prepared statements for extra layer of security
$sql = "SELECT usernameUsers FROM users WHERE usernameUsers=?";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../signup.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
if ($resultCheck > 0) {
header("Location: ../signup.php?error=usertaken&mail=" . $email);
exit();
} else {
$sql = "INSERT INTO users (usernameUsers,emailUsers, passwordUsers) VALUES(?,?,?)";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../signup.php?error=sqlerror");
exit();
} else { // creating hash of passwords inputted for security. PASSWORD_DEFAULT IS SECURE AND UPDATED
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "sss", $username, $email, $password);
mysqli_stmt_execute($stmt);
header("Location: ../signup.php?success=signup");
exit();
}
}
}
}
mysqli_stmt_close($stmt);
mysqli_close($conn);
}
else {
header("Location: ../signup.php");
exit();
}
**********logoutunseen.php*********
<?php
//logs you out
session_start();
session_unset();
session_destroy();
header("Location: ../index.php");
?>
************数据库处理程序.php*******
<?php
//these variables need to be changed before uploaded to online server
$servername = "localhost";
$dBUsername = "root";
$dBPassword = "";
//dBName is name of the database in mysql. If using locally, it's loginsys. Online database, it's bremy_project
$dBName = "NAME OF DATABASE HERE";
$conn = mysqli_connect($servername, $dBUsername, $dBPassword, $dBName);
if(!$conn){
die("Connection failed: ".mysqli_connect_error());
}
?>
我希望能够查看其他PHP页面,但我总是停留在主页上。当我在在线服务器上使用这些文件时,没有任何内容通过,并且没有用户名,密码或电子邮件条目保存在数据库中,即使它应该通过。我唯一能想到的是代码中的文件路径不正确。
您应该必须通过启用 PHP 错误报告来调试您的 PHP 代码。 显示所有 php 错误和警告的最快方法是将这些行添加到 PHP 代码文件中:
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
将这些行添加到PHP文件后,您将看到一些错误,并知道为什么您总是卡在主页上