页面重定向到错误的位置

时间:2013-04-19 01:08:18

标签: php session

我不确定我对我的代码做了什么,但由于某种原因,我的updatestore.php链接将我带到admin / index.php。下面的两个文件都驻留在localhost / portal / admin中,但我无法理解造成这种不良行为的原因。我的session_start()变量位于../login.php中。我测试从该文件中取出session_start,并且所有其他链接开始以相同的方式运行 - 它们只会将我带到admin / index.php而不是它们应该去的地方。对于该做什么,我感到沮丧。

这是updatestore.php

<?php
    require ("../login.php");

    if ($_SESSION['admin'] != 1)
        header('Location: ../index.php');

    if (isset($_POST['submit'])) {
        $_SESSION['store'] = $_POST['store'];
        header('Location:updatestore2.php');
    }

    include ("header.php");
    include ("adminnav.php");

?>

    <h2>Update Store</h2>

    <?php
        $stmt = $db->prepare("SELECT short_name FROM store ORDER BY short_name");
        $stmt->execute();
        $rows = $stmt->fetchAll();
        $num_rows = count($rows);
        if ($num_rows == 0)
            echo '<p>There are no store\'s currently in the system.';
        else { ?>
            <form action="" method="post">
                <ul>
                    <li>
                        <b>Select Store To Edit:</b><br>
                        <select name="store">
                        <?php
                        foreach($rows as $row) {
                            echo '<option value ="'. $row['short_name'] . '">' . $row['short_name'] . '</option>';  
                        }   ?>
                        </select>
                    </li>
                    <li>
                        <br><input type="submit" value="Select Store" name ="submit" id="submit">
                    </li>
                </ul>
            </form>
<?php    } ?>


<?php   
    include ("footer.php");
?>

这是另一个正常工作的页面,addshortages.php

<?php
    require ("../login.php");

    if ($_SESSION['admin'] != 1)
        header('Location: ../index.php');

    $success = false;

    if (isset($_POST['submit'])) {
        $_SESSION['store'] = $_POST['store'];
        header('Location: addshortages2.php');
    }

    include ("header.php");
    include ("adminnav.php");

?>

    <h2>Update Shortages List</h2>

    <?php
        if (!empty($errors))
            foreach($errors as $error)
                echo $error;

        if ($success == true)
            echo '<p>The FAQ has succesfully been submitted!</p>';
    ?>

    <?php

        $stmt = $db->prepare("SELECT * FROM store ORDER by short_name");
        $stmt->execute();
        $rows = $stmt->fetchAll();
        $num_rows = count($rows);

    ?>
    <?php if ($success == false) { ?>
            <form action="" method="post">
                <ul>
                    <li>
                        <b>Select Store To Modify Shortages:</b><br>
                        <select name="store">
                        <?php
                        foreach($rows as $row) {
                            echo '<option value ="'. $row['short_name'] . '">' . ($row['short_name']) . '</option>';  
                        }   ?>
                        </select>
                    </li>
                    <li>
                        <br><input type="submit" value="Select Store" name ="submit" id="submit">
                    </li>
                </ul>
            </form>
<?php       } ?>

<?php   
    include ("footer.php");
?>

我还有一个问题,我尝试注销我的页面,但他们也只是带我到admin / index.php。注销会将?logout = 1附加到GET变量,但它没有按预期执行。

的index.php

<?php
    require ("login.php");
    require_once ('Bcrypt.php');

    if ((isset($_GET['logout'])) == 1) {
        session_destroy();
        header('Location: ../index.php');
    }

    if (isset($_SESSION['user'])) {
        if ($_SESSION['admin'] == 1)
            header('Location: admin/index.php');
        else
            header('Location: customer/index.php');
    }

    if (isset($_POST['submit'])) {
        if ((empty($_POST['email'])) || (empty($_POST['password']))) 
            $errors[] = 'Please fill out all fields of the registration process.<br>';
        else {
            $email = trim($_POST['email']);
            $password = trim($_POST['password']);

            $stmt = $db->prepare("SELECT * FROM users WHERE email=:email");
            $stmt->bindValue(':email', $email, PDO::PARAM_STR);
            $stmt->execute();
            $rows = $stmt->fetchAll();
            $num_rows = count($rows);
            if ($num_rows) {
                foreach($rows as $row) {
                    $result = Bcrypt::checkPassword($password,$row['password']);
                    if ($result) {
                        $_SESSION['user'] = $row['id'];
                        $_SESSION['admin'] = $row['admin'];
                        $_SESSION['name'] = $row['name'];
                        $_SESSION['email'] = $row['email'];
                        if ($_SESSION['admin'] == 1)
                            header('Location: admin/index.php');
                        else
                            header('Location: customer/index.php');
                    }
                    else
                        $errors[] = 'Your password is incorrect. Please try again.';
                }
            }
            else
                $errors[] = 'We do not have a record of your credentials in our system. To register go <a href="register.php">here</a>. ';
        }

    }

    include ("header.php");
    include ("subnav.php");
?>

    <h2>System Log-In</h2>

    <?php
        if (!empty($errors))
            foreach($errors as $error)
                echo $error;
    ?>

    <form action="" method="post">
        <ul>
            <li>
                <b>E-Mail:*</b> <br>
                <input type="text" name="email"></li>
            <li>
                <b>Password:*</b> <br>
                <input type="password" name="password">
            </li>
            <li>
                <br><input type="submit" value="Log-In" name ="submit" id="submit">
            </li>
            <li>
                <br><a href="register.php">Activate Account Here.</a>
            </li>
            <li>
                If you are having problems with the log-in process, please send us an <a href="mailto:jayl@jays.us">e-mail</a>.
            </li>
        </ul>
    </form>


<?php   
    include ("footer.php");
?>

我已经在IE,Firefox和Chrome上测试了这种情况。 updatestore.php文件仅适用于Firefox。我不知道为什么会这样。此外,对于IE和Chrome,我必须在页面注销之前单击注销链接TWICE并转到相应位置。我把头发拉出来了。

3 个答案:

答案 0 :(得分:0)

正确的格式是使用绝对URL,例如:

 header('Location: http://www.site.com/index.php'); 
 header('Location: http://www.site.com/admin/updatestore2.php'); 

但是如果您不在网址中添加/,浏览器会重定向到当前文件夹的文件。

从内部管理员定位索引,

 header('Location: /index.php'); 

从admin内部定位到admin / updatestore2.php:

 header('Location: updatestore2.php'); 

这些应该可行

答案 1 :(得分:0)

这两行代码都在这两个页面中,但看起来它只是将你重定向到index.php。

if ($_SESSION['admin'] != 1)
        header('Location: ../index.php');

但是,我不知道这是不是问题。

功能页面有以下内容:

$success = false;

这可能导致问题#2:

if ((isset($_GET['logout'])) == 1) {
        session_destroy();
        header('Location: ../index.php');

答案 2 :(得分:0)

变化:
header('Location:updatestore2.php');
要:
header('Location:http://google.com');
并查看它是否正确重定向。
如果确实如此,那么您的问题就在于updatestore2.php