大家好,我在这里找到了这段代码
RewriteEngine On
# browser requests PHP
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^\ ]+)\.php
RewriteRule ^/?(.*)\.php$ /$1 [L,R=301]
# check to see if the request is for a PHP file:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^/?(.*)$ /$1.php [L]
这会删除.php文件扩展名,但我的$ _GET参数不再有效我怎样才能提前解决此问题。我已阅读其他帖子,但没有得到我想要的内容。
经过进一步检查,问题是我登录时
$_SESSION[profileId] // doesn't set anymore
当我清除.htaccess时,一切都恢复正常。我的代码是
$sql = "SELECT * FROM mytable WHERE userName='$_GET['profile']' LIMIT 1";
$user_query = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_array($user_query,MYSQL_ASSOC);
$profileId = $row['profileId'];
if($_SESSION['profileId'] === $profileId){
if(isset($_GET['profile']) && !isset($_GET['edit'])){
echo '<a id="editButtons" href="../profile.php?profile='.$_GET['profile'].'&edit=1">Edit Profile</a>';
}
if(isset($_GET['profile']) && isset($_GET['edit'])){
echo '<a id="editButtons" href="../profile.php?profile='.$_GET['profile'].'">Done editing</a>';
}
}
这是我设置会话的代码
session_start();
$username = mysqli_real_escape_string($db_conx, $_POST['u']);
$password = $_POST['p'];
$ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
if($username == "" || $password == ""){
echo "login_failed";
}else{
$sql = "SELECT * FROM myTable WHERE username='$username' AND activated='yes' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$row = mysqli_fetch_array($query);
$profileId = $row['profileId'];
$compName = $row['compName'];
$db_username = $row['username'];
$db_email = $row['email'];
$db_pass_str = $row['password'];
if(password_verify($password,$db_pass_str)){
$_SESSION['profileId'] = $profileId;
$_SESSION['username'] = $db_username;
$_SESSION['password'] = $db_pass_str;
setcookie("id", $profileId, strtotime( '+30 days' ), "/", "", "", TRUE);
setcookie("user", $db_username, strtotime( '+30 days' ), "/", "", "", TRUE);
setcookie("pass", $db_pass_str, strtotime( '+30 days' ), "/", "", "", TRUE);
// UPDATE THEIR "IP" AND "LASTLOGIN" FIELDS
$sql = "UPDATE myTable SET ip='$ip', lastlogin=now() WHERE profileId='$profileId' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
if($query){
echo $compName;
}
} else {
echo 'login_failed';
}
}
答案 0 :(得分:0)
You are redirect any url to .php page without passing argument.
So passed argument also using htaccess.
Please try these.
For example :-
you want to call test page with your id as parameter then
make request like these /test/12 then it will redirect to test.php?id=12
RewriteRule ^/?(.*)/(.*)$ /$1.php?id=$2 [L]
Please change htaccess like these