|
 |
| |
สอบถามปัญหาหาเกี่ยวกับ PHP ล็อกอินไม่ผ่านจอขาว ไม่ทำงานเลยครับ |
| |
 |
|
|
 |
 |
|
เป็นอะไรครับ ล็อกอินเชคไม่ผ่านจอขาวมันไม่ทำงาน
Code (PHP)
<?PHP
session_start();
include("configlogin.php");
require_once "sql_inject.php";
$bDestroy_session = TRUE;
$url_redirect = 'login.php';
$sqlinject = new sql_inject('./log_file_sql.log',$bDestroy_session,$url_redirect);
//$sqlinject->test($msquery);
$pass = stripslashes(md5($_POST['pass']));
$pass = htmlspecialchars($pass,ENT_QUOTES);
$login = stripslashes($_POST['login']);
$login = htmlspecialchars($login,ENT_QUOTES);
$db = connectDb();
$sql_username_check = "SELECT CustomerID FROM [WarZ].[dbo].[Accounts] WHERE email='$login'";
$sql_username_check = sqlsrv_query( $db, $sql_username_check);
$username_check = count(sqlsrv_fetch_array( $sql_username_check, SQLSRV_FETCH_ASSOC));
$sql_pass_check = "SELECT MD5Password FROM [WarZ].[dbo].[Accounts] WHERE MD5Password='$pass' AND email = '$login'";
$sql_pass_check = sqlsrv_query( $db, $sql_pass_check);
$pass_check = count(sqlsrv_fetch_array($sql_pass_check, SQLSRV_FETCH_ASSOC));
if (empty($login) || empty($pass))
{
?>
<script>
window.alert("กรุณากรอกข้อมูลให้หมด!");
window.location='../index.php';
</script>
<?php
}
elseif (($username_check != 1))
{
?>
<script>
window.alert("Email ไม่ถูกต้อง!");
window.location='../index.php';
</script>
<?php
}
elseif ($username_check == 1 && $pass_check != 1)
{
?>
<script>
window.alert("Password ไม่ถูกต้อง!");
window.location='../index.php';
</script>
<?php
}
elseif ($username_check != 1 && $pass_check != 1)
{
?>
<script>
window.alert("Email/Pass ไม่ถูกต้อง!");
window.location='../index.php';
</script>
<?php
}
else
{
$sql_nome = "SELECT AccountStatus FROM [WarZ].[dbo].[Accounts] WHERE email='$login'";
$sqlinject->test($sql_nome);
$sql_nome = sqlsrv_query( $db, $sql_nome);
if( $sql_nome === false ) {
die( print_r( sqlsrv_errors(), true));
}
if( sqlsrv_fetch( $sql_nome ) === false) {
die( print_r( sqlsrv_errors(), true));
}
$nome = sqlsrv_get_field( $sql_nome, 0);
$sql_mail = "SELECT email FROM [WarZ].[dbo].[Accounts] WHERE email='$login'";
$sqlinject->test($sql_mail);
$sql_mail = sqlsrv_query( $db, $sql_mail);
if( $sql_mail === false ) {
die( print_r( sqlsrv_errors(), true));
}
if( sqlsrv_fetch( $sql_mail ) === false) {
die( print_r( sqlsrv_errors(), true));
}
$email = sqlsrv_get_field( $sql_mail, 0);
$_SESSION['nome'] = $nome;
$_SESSION['email'] = $email;
$_SESSION['pass'] = $pass;
$_SESSION['login'] = $login;
header ('Location: ../index.php');
}
?>
หรือตรงนี้ต้องใส่ MD5 ทั้งสอง ผมทำแล้วน่ะคับจอขาวเหมือนกัน
Code (PHP)
$pass = stripslashes(md5($_POST['pass']));
$pass = htmlspecialchars($pass,ENT_QUOTES);
Tag : PHP, Ms SQL Server 2008
|
ประวัติการแก้ไข
2014-08-24 12:16:17
|
 |
 |
 |
 |
| Date :
2014-08-24 12:12:37 |
By :
freedom454 |
View :
1103 |
Reply :
12 |
|
 |
 |
 |
 |
|
|
|
|
 |
 |
|
 |
 |
| |
|
|
|
| |
|
display_errors เปิดหรือป่าว ?
|
| |
|
|
| |
| Date :
2014-08-24 12:46:46 |
By :
nukedonut1 |
|
|
| |
|
|
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
ใน php.ini หรอหะ
|
| |
|
|
| |
| Date :
2014-08-24 13:11:29 |
By :
freedom454 |
|
|
| |
|
|
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
เปิดอยู่ครับ
|
| |
|
|
| |
| Date :
2014-08-24 13:33:26 |
By :
freedom454 |
|
|
| |
|
|
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
คือ 2 ตัวนี้เอง ออกใช่ไหมครับ
stripslashes
htmlspecialchars
Code (PHP)
$pass = md5($_POST['pass']);
$pass = md5($pass,ENT_QUOTES);
|
| |
|
|
| |
| Date :
2014-08-24 14:37:23 |
By :
freedom454 |
|
|
| |
|
|
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
|
| |
|
|
| |
| Date :
2014-08-25 10:37:27 |
By :
apisitp |
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
 Load balance : Server 04
|
