How to evaluate a PHP session to redirect the user to the admin panel?

Time: 2012-10-27 16:19:04

Tags: php mysql syntax

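I want to use the session from the check.php file in the panel.php file. I define $_SESSION['admin'] = 1, then I evaluate the admin session in the panel.php file, but I don't know why my panel page redirects to index.php (the login form).

I have included all the code below: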

check.php:

<?php
include_once ("function.php");
$username = $_POST['tfuser'] ;
$password = $_POST['tfpass'] ;

if (isset($username) && isset($password)){
  $link = mysql_connect('localhost','root','') or die ('error in connecting to db');
  mysql_select_db('login',$link) or die ('error select db');

  $sql = "select * from administration 
  where username='$username' and password='$password'";

  $result = mysql_query($sql,$link);

  if (mysql_fetch_assoc($result)){
    //login to panel 
    redirect("panel.php");
    $_SESSION['admin']= 1 ;
  } else {
    //back to login page
    redirect("index.php?error");
  }
} else {
  //back to login page
  redirect("index.php");
}

?>

panel.php:

<?php
include_once ("function.php");
session_start();
if (!isset($_SESSION['admin'])==1){
  session_destroy();
  redirect("index.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>admin panel</title>
</head>

<body>
welcome to admin panel
</body>
</html>

How can I fix this redirect?

3 answers:

Answer 0: (score: 1)

Your redirect function call comes before $_SESSION['admin'] is set.

Answer 1: (score: 0)

Try checking whether anything is stored in $result.

Answer 2: (score: 0)

When you write new code you should avoid the mysql_* functions; here is your code fixed & ported to PDO, perhaps it is of some interest.

<?php
session_start();
include_once ("function.php");

if($_SERVER['REQUEST_METHOD']=='POST'){
    if (isset($_POST['tfpass']) && isset($_POST['tfuser'])){
        // PDO CONNECT
        try {
            $db = new PDO("mysql:host=localhost;dbname=login", 'root', 'pass');
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
        }catch (Exception $e){
            die('mySQL server error: '.$e->getMessage());
        }

        $sql = "SELECT 1
                FROM administration
                WHERE username=:user AND password=:pass";

        //Prepare the above query
        $stmt = $db->prepare($sql);
        //bind the placeholders to the values
        $stmt->bindParam(':user', $_POST['tfuser']);
        $stmt->bindParam(':pass', $_POST['tfpass']);
        //Execute
        $stmt->execute();
        //Fetch Result
        $result = $stmt->fetchAll(PDO::FETCH_ASSOC);

        if (!empty($result)){
            //login to panel
            $_SESSION['admin']= 1 ;
            redirect("panel.php");
        } else {
            //back to login page
            redirect("index.php?error");
        }
    } else {
        //back to login page
        redirect("index.php");
    }
}else{
    //back to login page, script not accessed via POST
    redirect("index.php");
}
?>
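
The ordering point raised in the answers (start the session, set the flag, then redirect) together with a guard for panel.php, as an added example that is not code from the question or from any answerer. It assumes the credentials were already verified; redirect_to(), complete_login(), is_admin() and require_admin() are hypothetical names, since the redirect() in function.php is not shown on the page.

```php
<?php
declare(strict_types=1);

// Hypothetical replacement for redirect() in function.php (not shown on the page).
// It ends the request, so nothing after the call runs or is sent.
function redirect_to(string $path): void
{
    header('Location: ' . $path, true, 302);
    exit;
}

// check.php side: call only after the credentials have been verified.
function complete_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();            // without this, $_SESSION is never saved
    }
    session_regenerate_id(true);    // new session ID at login (blocks fixation)
    $_SESSION['admin'] = 1;         // set the flag first ...
    session_write_close();          // ... flush it to storage ...
    redirect_to('panel.php');       // ... then redirect
}

// Pure check so the decision can be exercised without a live session.
function is_admin(array $session): bool
{
    return isset($session['admin']) && $session['admin'] === 1;
}

// panel.php side: call before any output on every protected page.
function require_admin(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (!is_admin($_SESSION)) {
        $_SESSION = [];
        session_destroy();
        redirect_to('index.php');   // exits, so the panel HTML is never emitted
    }
}

// Constructed sample session arrays, run from the CLI only.
if (PHP_SAPI === 'cli') {
    var_dump(is_admin(['admin' => 1]));   // flag set by complete_login()
    var_dump(is_admin([]));               // no flag: visitor never logged in
    var_dump(is_admin(['admin' => '1'])); // string instead of the integer flag
}
```

If a redirect helper only sends the Location header and returns, the rest of the protected page is still sent in the response body, which is why the helper here calls exit.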