您好我已经为我的网站dubleeble.com建立了一个登录系统,出于某种原因,当您登录时它只会让您在一个页面上隐藏,但是当您移动到另一个页面时它会让您失望!我该如何解决这个问题?
这是我使用的代码:
<?php
session_start();
$username = $_POST['user'];
$password = $_POST['pass'];
if($username&&$password) {
$connect = mysql_connect("host", "user","pass") or die("Could't Connect!");
mysql_select_db("db");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows!=0)
{
while ($row = mysql_fetch_assoc($query)) {
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if($username==$dbusername&&$password==$dbpassword) {
$_SESSION['username']=$username;
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
else
header('Location:http://dubleeble.com/php/login/incorrect.php');
}
else
header('Location:http://dubleeble.com/php/login/incorrect.php');
}
else
header('Location: ' . $_SERVER['HTTP_REFERER']);
?>
答案 0 :(得分:0)
注意:
确保您在使用会话变量的每个页面上调用session_start()
$username = $_POST['user'];
$password = $_POST['pass'];
if(isset($username) && isset($password)) {
$connect = mysql_connect("host", "user","pass") or die("Could't Connect!");
mysql_select_db("db");
$row= mysql_fetch_assoc("SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."'");
$numrows = mysql_num_rows($row);
if($numrows > 0) {
if($username == $row['username'] && $password == $row['password']) {
session_start();
$_SESSION['username'] = $username;
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
else
header('Location:http://dubleeble.com/php/login/incorrect.php');
}
else
header('Location:http://dubleeble.com/php/login/incorrect.php');
}
else
header('Location: ' . $_SERVER['HTTP_REFERER']);