php - 如果用户输入了错误的登录信息，登录验证会显示警报

问题描述

当用户输入错误的用户名和密码时，我需要回显或显示警告框。如果用户输入了错误的用户名或错误的密码，我同时使用 url 来显示状态。

session_start();


if (isset($_POST['submit'])) {
 include 'dbh.inc.php';

    $uid = mysqli_real_escape_string ($conn, $_POST['uid']);
    $pwd = mysqli_real_escape_string ($conn, $_POST['pwd']);

    //ERROR HANDLERS
    //Check for empty fields

    if (empty($uid) || empty($pwd)) {
    header("Location: ../login.php?login=empty");
    exit();
} else {
    $sql = "SELECT * FROM users WHERE user_uid='$uid' OR user_email='$uid'";
    $result = mysqli_query($conn, $sql);
    $resultCheck = mysqli_num_rows($result);
    if ($resultCheck < 1) {
        header("Location: ../login.php?username_not_found");
        exit();
    } else {
        if ($row = mysqli_fetch_assoc($result)) {
            //De-hashing the password
            $hashedPwdCheck = password_verify($pwd, $row['user_pwd']);
            if ($hashedPwdCheck == false) {
                header("Location: ../login.php?password_not_match");
                exit();
            } elseif ($hashedPwdCheck == true) {
                //Log in the user here
                $_SESSION['u_id'] = $row['user_id'];
                $_SESSION['u_first'] = $row['user_first'];
                $_SESSION['u_last'] = $row['user_last'];
                $_SESSION['u_email'] = $row['user_email'];
                $_SESSION['u_uid'] = $row['user_uid'];

                header("Location: ../apptableremarks.php?login=success");
                exit();
            }
        }
    }
}

} else {
    header("Location: ../index.php?login=error");
    exit();
}

标签： php