问题描述 在本地访问页面http://www.phptest.loc/authenticate.php后返回了： Please enter your username and password 为什么没有弹出提示框叫我输入用户名和密码？而在index.php中则提示我输入了。 问题出现的环境背景及自己尝试过哪些方法 开发环境为lnmp1.5 将两个文件(index.php和authenticate.php)的代码交换后发现authenticate.php会弹框，但index.php不会怀疑是不是用了数据库的问题？ 相关代码 index.php <?php $username = 'admin'; $password = 'admin'; if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { if ($_SERVER['PHP_AUTH_USER'] === $username && $_SERVER['PHP_AUTH_PW'] === $password) { echo "You are now logged in <br/>"; } else { exit("Invalid username / password combination"); } echo 'Welcome User: '.$_SERVER['PHP_AUTH_USER'].' Pssword: '.$_SERVER['PHP_AUTH_PW']; } else { header('WWW-Authenticate: Basic realm="Restricted Sectoin"'); header('HTTP/1.0 401 Unauthorized'); exit('Please enter your username and password'); } authenticate.php <?php $db_hostname = 'localhost'; $db_username = 'root'; $db_database = 'phptest'; $db_password = '123456'; $connection = new mysqli($db_hostname, $db_username, $db_password, $db_database); if ($connection->connect_error) exit($connection->connect_error); if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { $un_temp = mysql_entities_fix_string($connection, $_SERVER['PHP_AUTH_USER']); $pw_temp = mysql_entities_fix_string($connection, $_SERVER['PHP_AUTH_PW']); $query = "SELECT * FROM users WHERE username='$un_temp'"; $result = $connection->query($query); if (!$result) exit($connection->error); elseif ($result->num_rows) { $row = $result->fetch_array(MYSQLI_NUM); $result->close(); $salt1 = 'qm&h*'; $salt2 = 'pg!@'; $token = hash('ripemd128', $salt1.$pw_temp.$salt2); if ($token === $row[3]) echo "$row[0] $row[1] : Hi $row[0], you are now logged in as '$row[2]'"; else exit('Invalid username/password combination'); } else { exit('Invalid username/password combination'); } } else { header('WWWW-Authenticate: Basic realm="Restricted Section"'); header('HTTP/1.0 401 Unauthorized'); exit('Please enter your username and password'); } $connection->close(); function mysql_entities_fix_string($connection, $string) { return htmlentities(mysql_fix_string($connection, $string)); } function mysql_fix_string($connection, $string) { if (get_magic_quotes_gpc()) $string = stripslashes($string); return $connection->real_escape_string($string); } setupuser.php <?php $db_hostname = 'localhost'; $db_username = 'root'; $db_database = 'phptest'; $db_password = '123456'; $connection = new mysqli($db_hostname, $db_username, $db_password, $db_database); if ($connection->connect_error) exit($connection->connect_error); $query = " CREATE TABLE users ( forename VARCHAR(32) NOT NULL, surname VARCHAR(32) NOT NULL, username VARCHAR(32) NOT NULL UNIQUE, password VARCHAR(32) NOT NULL ) "; $result = $connection->query($query); if (!$result) exit($connection->error); $salt1 = 'qm&h*'; $salt2 = 'pg!@'; $forename = 'Bill'; $surname = 'Smith'; $username = 'bsmith'; $password = 'mysecret'; $token = hash('ripemd128', $salt1.$password.$salt2); add_user($connection, $forename, $surname, $username, $token); $forename = 'Pauline'; $surname = 'Jones'; $username = 'pjones'; $password = 'acrobat'; $token = hash('ripemd128', $salt1.$password.$salt2); add_user($connection, $forename, $surname, $username, $token); function add_user($connection, $fn, $sn, $un, $pw) { $query = "INSERT INTO users VALUES('$fn', '$sn', '$un', '$pw')"; $result = $connection->query($query); if (!$result) exit($connection->error); } 你期待的结果是什么？实际看到的错误信息又是什么？ 弹框提示： 实际看到的结果：