-3
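When I try to check the login, this message is shown to me => incorrect email and password. I entered the same email and password, but it does not work properly. Incorrect email or password error while checking the script against a MySQL database.
I am creating a login registration form, but I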
Login.php Regestration.php
<?php
session_start();
if(isset($_SESSION['usr_id'])) {
header("Location: index.php");
exit; // stop here so the rest of the page is not rendered after the redirect
}
include_once 'db/connect_db.php';
//set validation error flag as false
$error = false;
//check if form is submitted
if (isset($_POST['signup'])) {
$name = mysqli_real_escape_string($conn, $_POST['name']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$cpassword = mysqli_real_escape_string($conn, $_POST['cpassword']);
//name can contain only alpha characters and space
if (!preg_match("/^[a-zA-Z ]+$/",$name)) {
$error = true;
$name_error = "Name must contain only alphabets and space";
}
if(!filter_var($email,FILTER_VALIDATE_EMAIL)) {
$error = true;
$email_error = "Please Enter Valid Email ID";
}
if(strlen($password) < 6) {
$error = true;
$password_error = "Password must be minimum of 6 characters";
}
if($password != $cpassword) {
$error = true;
$cpassword_error = "Password and Confirm Password doesn't match";
}
if (!$error) {
if(mysqli_query($conn, "INSERT INTO users(name,email,password) VALUES('" . $name . "', '" . $email . "', '" . md5($password) . "')")) {
$successmsg = "Successfully Registered! <a href='login.php'>Click here to Login</a>";
} else {
$errormsg = "Error in registering...Please try again later!";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link rel="shortcut icon" href="uploads/pix-favicon.ico">
<meta name="description" content="">
<meta name="keywords" content="">
<!-- CSS dependencies -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.css" />
<link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" />
<link rel="stylesheet" type="text/css" href="css/pix_style.css" />
<link rel="stylesheet" type="text/css" href="css/main.css"/>
<link rel="stylesheet" type="text/css" href="css/font-style.css" />
<link href="css/animations.min.css" rel="stylesheet" type="text/css" media="all" />
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="css/ie-fix.css" />
<![endif]-->
<title></title>
<style type="text/css" id="pix_page_style"></style>
</head>
<body><div class="pix_section pix_nav_menu pix_scroll_header normal pix-padding-v-10" data-scroll-bg="#fff" id="section_1">
<div class="container">
<div class="row">
<div class="col-md-10 col-xs-12 pix-inner-col col-sm-10 column ui-droppable">
<div class="pix-content">
<nav class="navbar navbar-default pix-no-margin-bottom pix-navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#pix-navbar-collapse" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand logo-img logo-img-a pix-adjust-height" href="#"><img src="images/main/logo-md.png" alt="OCMS" class="img-responsive pix-logo-img"></a>
</div>
<div class="collapse navbar-collapse" id="pix-navbar-collapse">
<ul class="nav navbar-nav navbar-right media-middle pix-header-nav pix-adjust-height" id="pix-header-nav">
<li class="dropdown"><a href="login.php" class="pix-slight-white">SignIn</a>
</li>
</ul>
</div>
</div>
</nav>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4 well">
<form role="form" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="post" name="signupform">
<fieldset>
<legend>Sign Up</legend>
<div class="form-group">
<label for="name">Name</label>
<input type="text" name="name" placeholder="Enter Full Name" required value="<?php if($error) echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); ?>" class="form-control" />
<span class="text-danger"><?php if (isset($name_error)) echo $name_error; ?></span>
</div>
<div class="form-group">
<label for="name">Email</label>
<input type="text" name="email" placeholder="Email" required value="<?php if($error) echo htmlspecialchars($email, ENT_QUOTES, 'UTF-8'); ?>" class="form-control" />
<span class="text-danger"><?php if (isset($email_error)) echo $email_error; ?></span>
</div>
<div class="form-group">
<label for="name">Password</label>
<input type="password" name="password" placeholder="Password" required class="form-control" />
<span class="text-danger"><?php if (isset($password_error)) echo $password_error; ?></span>
</div>
<div class="form-group">
<label for="name">Confirm Password</label>
<input type="password" name="cpassword" placeholder="Confirm Password" required class="form-control" />
<span class="text-danger"><?php if (isset($cpassword_error)) echo $cpassword_error; ?></span>
</div>
<div class="form-group">
<input type="submit" name="signup" value="Sign Up" class="btn btn-primary" />
</div>
</fieldset>
</form>
<span class="text-success"><?php if (isset($successmsg)) { echo $successmsg; } ?></span>
<span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span>
</div>
</div>
<div class="row">
<div class="col-md-4 col-md-offset-4 text-center">
Already Registered? <a href="login.php">Login Here</a>
</div>
</div>
</div>
<div class="pix_section pix-padding-v-40" id="section_5">
<div class="container">
<div class="row">
<div class="col-md-7 col-xs-12 col-sm-7 column ui-droppable">
<div class="pix-content pix-padding-v-30">
<span class="pix-black-gray-light"><span class="pix_edit_text"><strong>OCMS</strong> Copyright © 2017 FIZ | All Rights Reserved</span></span>
</div>
</div>
<div class="col-md-5 col-xs-12 col-sm-5 column ui-droppable">
<div class="pix-content pix-padding-v-20 text-right">
<a href="#" class="small-social">
<i class="pixicon-facebook3 big-icon-50 pix-slight-white"></i>
</a>
<a href="#" class="small-social">
<i class="pixicon-twitter4 big-icon-50 pix-slight-white"></i>
</a>
<a href="#" class="small-social">
<i class="pixicon-instagram4 big-icon-50 pix-slight-white"></i>
</a>
</div>
</div>
</div>
</div>
</div>
<!-- Javascript -->
<script src="js/jquery-1.11.2.js"></script>
<script src="js/jquery-ui.js"></script>
<script src="js/bootstrap.js"></script>
<script src="js/velocity.min.js"></script>
<script src="js/velocity.ui.min.js"></script>
<script src="js/appear.min.js" type="text/javascript"></script>
<script src="js/animations.js" type="text/javascript"></script>
<script src="js/plugins.js" type="text/javascript"></script>
<script src="js/custom.js"></script>
</body>
</html>
When I get to the login form, it does not work properly.
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link rel="shortcut icon" href="uploads/pix-favicon.ico">
<meta name="description" content="">
<meta name="keywords" content="">
<!-- CSS dependencies -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.css" />
<link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" />
<link rel="stylesheet" type="text/css" href="css/pix_style.css" />
<link rel="stylesheet" type="text/css" href="css/main.css"/>
<link rel="stylesheet" type="text/css" href="css/font-style.css" />
<link href="css/animations.min.css" rel="stylesheet" type="text/css" media="all" />
<title>OCMS</title>
<style type="text/css" id="pix_page_style"></style>
</head>
<body><div class="pix_section pix_nav_menu pix_scroll_header normal pix-padding-v-10" data-scroll-bg="#fff" id="section_1">
<div class="container">
<div class="row">
<div class="col-md-10 col-xs-12 pix-inner-col col-sm-10 column ui-droppable">
<div class="pix-content">
<nav class="navbar navbar-default pix-no-margin-bottom pix-navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#pix-navbar-collapse" aria-expanded="false">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand logo-img logo-img-a pix-adjust-height" href="#"><img src="images/main/logo-md.png" alt="OCMS" class="img-responsive pix-logo-img"></a>
</div>
<div class="collapse navbar-collapse" id="navbar1">
<ul class="nav navbar-nav navbar-right">
<?php if (isset($_SESSION['usr_id'])) { ?>
<li><p class="navbar-text">Signed in as <?php echo htmlspecialchars($_SESSION['usr_name'], ENT_QUOTES, 'UTF-8'); ?></p></li>
<li><a href="logout.php">Log Out</a></li>
<?php } else { ?>
<li><a href="login.php">Login</a></li>
<li><a href="register.php">Sign Up</a></li>
<?php } ?>
</ul>
</div>
</div>
</nav>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4 well">
<form role="form" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="post" name="loginform">
<fieldset>
<legend>Login</legend>
<div class="form-group">
<label for="name">Email</label>
<input type="text" name="email" placeholder="Your Email" required class="form-control" />
</div>
<div class="form-group">
<label for="name">Password</label>
<input type="password" name="password" placeholder="Your Password" required class="form-control" />
</div>
<div class="form-group">
<input type="submit" name="login" value="Login" class="btn btn-primary" />
</div>
</fieldset>
</form>
<span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span>
</div>
</div>
<div class="row">
<div class="col-md-4 col-md-offset-4 text-center">
New User? <a href="register.php">Sign Up Here</a>
</div>
</div>
</div>
<div class="pix_section pix-padding-v-40" id="section_5">
<div class="container">
<div class="row">
<div class="col-md-7 col-xs-12 col-sm-7 column ui-droppable">
<div class="pix-content pix-padding-v-30">
<span class="pix-black-gray-light"><span class="pix_edit_text"><strong>OCMS</strong> Copyright © 2017 FIZ | All Rights Reserved</span></span>
</div>
</div>
<div class="col-md-5 col-xs-12 col-sm-5 column ui-droppable">
<div class="pix-content pix-padding-v-20 text-right">
<a href="#" class="small-social">
<i class="pixicon-facebook3 big-icon-50 pix-slight-white"></i>
</a>
<a href="#" class="small-social">
<i class="pixicon-twitter4 big-icon-50 pix-slight-white"></i>
</a>
<a href="#" class="small-social">
<i class="pixicon-instagram4 big-icon-50 pix-slight-white"></i>
</a>
</div>
</div>
</div>
</div>
</div>
<!-- Javascript -->
<script src="js/jquery-1.11.2.js"></script>
<script src="js/jquery-ui.js"></script>
<script src="js/bootstrap.js"></script>
<script src="js/velocity.min.js"></script>
<script src="js/velocity.ui.min.js"></script>
<script src="js/appear.min.js" type="text/javascript"></script>
<script src="js/animations.js" type="text/javascript"></script>
<script src="js/plugins.js" type="text/javascript"></script>
<script src="js/custom.js"></script>
</body>
</html>
Do not rely on the `real_escape_string()` functions to prevent SQL injection, [they alone are not sufficient](https://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string). You should use prepared statements with bound parameters, via either the [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) drivers. [**This post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has some good examples. –
MD5 is considered broken for security purposes and is not sufficient for password hashing. Use [`password_hash()`](http://us3.php.net/manual/en/function.password-hash.php) and [`password_verify()`](http://us3.php.net/manual/ko/function.password-verify.php) instead. If you are using a version of PHP prior to 5.5, you can use [this compatibility package](https://github.com/ircmaxell/password_compat). –
**WARNING**: Writing your own access control layer is not easy, and there are many opportunities to get it severely wrong. Please do not write your own authentication system when any modern [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with a robust [authentication system](https://laravel.com/docs/master/authentication) built in. – tadman
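
The prepared-statement and `password_hash()`/`password_verify()` approach recommended in the comments above, as an added example that is not part of the original thread. It assumes PDO with an in-memory SQLite database so that it runs offline (the question uses MySQL), and `register_user()` and `check_login()` are hypothetical helper names.

```php
<?php
// Added example, not the asker's code. users(name,email,password) follows the
// question's INSERT; in-memory SQLite is an assumption so this runs offline.
// For MySQL change only the DSN/credentials and make `password` VARCHAR(255).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL,
           email TEXT NOT NULL UNIQUE, password TEXT NOT NULL)');

function register_user(PDO $db, string $name, string $email, string $password): bool
{
    // Hash the raw password; escaping it first would change the bytes hashed.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare('INSERT INTO users (name, email, password) VALUES (?, ?, ?)');
    try {
        return $stmt->execute([$name, $email, $hash]);
    } catch (PDOException $e) {
        return false; // for example a duplicate email hitting the UNIQUE constraint
    }
}

function check_login(PDO $db, string $email, string $password): ?array
{
    // Select by email only: the stored hash is salted, so it cannot be compared
    // in the WHERE clause the way an unsalted MD5 digest would be.
    $stmt = $db->prepare('SELECT id, name, password FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return null; // same answer for unknown email and wrong password
    }
    // Values the login page would store in $_SESSION after session_regenerate_id(true).
    return ['usr_id' => (int) $row['id'], 'usr_name' => $row['name']];
}

// Constructed sample data; the quote characters are stored and compared as data.
$pw = "it's-a-\"sample\"-pass";
var_dump(register_user($db, 'Test User', 'user@example.com', $pw));
var_dump(register_user($db, 'Test User', 'user@example.com', $pw)); // duplicate
var_dump(check_login($db, 'user@example.com', $pw));
var_dump(check_login($db, 'user@example.com', 'wrong-password'));
var_dump(check_login($db, 'nobody@example.com', $pw));
```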