php - PHP登录系统第一次不总是工作 - 没有错误消息,循环回到登录页面
问题描述
我面临的问题是,当我尝试登录我的 PHP 网站时,登录表单通常不会在登录后将用户带到会员页面。首次登录无效。然后,再次使用相同的登录凭据后,它就可以工作了。它并不总是发生。有时它第一次工作没有问题,其他时候,你必须第二次登录才能工作。
<?php
session_start();
require "connection.php";
include "navigation.php";
if(isset($_SESSION['origURL'])){
$url = $_SESSION['origURL'];
}
$max_time = (time() - 60*60);
$client = $_SERVER['REMOTE_ADDR'];
$check = mysqli_query($conn,"SELECT * FROM login_attempts WHERE ip_address = '$client' AND time >='$max_time'");
$checkrow = mysqli_fetch_array($check);
$tries = mysqli_num_rows($check);
if($tries == 3){
header("Location: robot.php");
exit;
}
if ( isset($_COOKIE['userid']) && (isset($_COOKIE['username']) && ($_COOKIE['userid'] !== ""))){
header("Location: member.php");
exit;
}
$error = false;
if(isset($_GET['activated'])){
$error_msg = "<div style='border: 2px solid green;margin-bottom:5px; padding:7px;'>Token authenticated successfully - your account is now activated.</div>";
}
if(isset($_GET['updated'])){
$error_msg = "<div style='border: 2px solid orange;margin-bottom:5px; padding:7px;'>Your details have been updated. Please login again for these changes to take effect.</div>";
}
if(isset($_POST['submit'])){
$var_password = trim($_POST['password']);
$var_password = strip_tags($var_password);
$var_password = htmlspecialchars($var_password);
$var_username = trim($_POST['username']);
$var_username = strip_tags($var_username);
$var_username = htmlspecialchars($var_username);
if (empty($var_username)){
$error = true;
$error = 1;
}else{
if (empty($var_password)){
$error = true;
$error = 1;
}
}
if (!$error){
$var_password = hash('sha256', $var_password);
$query = mysqli_query($conn,"SELECT username, password, userid, acc_active FROM users WHERE username = '$var_username'");
$row = mysqli_fetch_array($query);
$count = mysqli_num_rows($query);
$userid = $row['userid'];
$stat = $row['acc_active'];
if ($count == 1 && $row['username']==$var_username && $row['password']==$var_password) {
if($stat == "active" || $stat == "inactive"){
$_COOKIE['username'] = $row['username'];
$_COOKIE['userid'] = $row['userid'];
$userid = $_COOKIE['userid'];
setcookie("username", $var_username, time()+30*24*60*60);
setcookie("userid", $userid, time()+30*24*60*60);
$stmt = $conn->prepare("DELETE FROM login_attempts WHERE ip_address=?");
$stmt->bind_param("s",$client);
$stmt->execute();
$stmt->close();
if(isset($url)){
header("Location: $url");
}else{
header("Location: member.php");
}
}else{
if($stat == "disabled"){
$error_msg = "<div style='border: 2px solid red;margin-bottom:5px; padding:7px;'>Account does not exist, or it is banned/disabled.</div>";
}
if($stat == "notverified"){
$error_msg = "<div style='border: 2px solid red;margin-bottom:5px; padding:7px;'>Account is inactive. Please check your inbox / spam for activation token.</div>";
}
}
} else {
$error = 1;
}
}else{
$error = 1;
}
if($error == 1){
$when = time();
$stmt = $conn->prepare("INSERT INTO login_attempts(ip_address, username, time) VALUES(?,?,?)");
$stmt->bind_param("sss", $client, $var_username, $when);
$stmt->execute();
$stmt->close();
$tries = $tries + 1;
$error_msg = "<div style='border: 2px solid orange;margin-bottom:5px; padding:7px;'>".$tries. " of 3 login attempts used.</div>";
}
}
?>
<html>
<head>
<title>Login</title>
<link rel="stylesheet" type="text/css" href="styles.css">
</head>
<body>
<div class="login-container">
<h2 class="login-header">Login</h2>
<?php echo $error_msg; ?>
<form method="post" action="" style="text-align:center">
<input type="text" placeholder="Username...(case sensitive)" name="username" />
<input type="password" placeholder="Password..." name="password" />
<input type="submit" name="submit" value="Login"/>
<br />
or...
<br />
<a href="/rail/reset-password" class="login-btn-alt">Reset Password</a>
<br />
<a href="/rail/register" class="login-btn-alt">Register Here</a>
</form>
</div>
</body>
</html>
关于为什么第一次登录并不总是有效的任何澄清都会很棒。只是为了确认,这不是登录失败。使用不正确的凭据登录失败将显示一条最多为 3 的消息。检查控制台等或 apache2 错误日志中没有错误消息或问题。提前致谢。
解决方案
推荐阅读
- scala - 当 foldLeft 应用于 dataFrame 时如何理解输出数据?
- python - 如何与kombu中的任何消费者建立数据库连接(psycopg2)?
- javascript - 如何从 Google App Script 中的文件运行保存的 Big Query 脚本?
- svn - SVN,根据分支点获取分支的变更集
- php - 比较wordpress中两张图片的名称
- yii2 - Yii2 sluggable 迁移行为
- javascript - 将页面保存为完整网页,替换本地目录中的文件,重新加载
- shell - 我应该如何使用 awk 修改具有特定列和值的大文件?
- scip - SCIP 错误:LU 枢轴元素几乎为零 (< 1e-10) - 基在数值上是奇异的
- c# - 如何使用 Controls.PrintDialog,通过 PrintVisual() 或 PrintDocument() 打印