所以这是this post的后续行动。我已经在其他网站上测试了该帖子中的代码,我得到了有效的回复和成功的登录。但是在这个网站上,我得到了一个看似重定向的内容。这是我试图访问的php文件。
<?php
session_start();
error_reporting(E_ALL^ E_NOTICE);
//include the connection and variable defination page
include("include/server.php");
include("include/function.php");
//checking the form has been submit by user or not
if(isset($_POST['cmdSubmit']) and $_POST['cmdSubmit']="Login")
{
//$refLink = $_SERVER['HTTP_REFERER'];
$refLink = "index.php?err_msg=1";
$user = addslashes($_POST['username']);
$pass = addslashes($_POST['password']);
$remember = $_POST['remember'];
$strErrorMessage = "";
if($user==""){
$strErrorMessage = "User Name can not be blank";
}
if($pass==""){
$strErrorMessage = "Password can not be blank";
}
if($user=="" and $pass==""){
$strErrorMessage = "User Name and Password can not be blank";
}
if($strErrorMessage=="")
{
if(isset($_POST['remember'])){
//removing all the cookie at set the user name password in cookies
unset($_COOKIE[session_name()]);
setcookie("usernamex", $_POST['username'], time()+60*60*24*100);
setcookie("userpassx", $_POST['password'], time()+60*60*24*100);
setcookie("rememberx", $_POST['remember'], time()+60*60*24*100);
}else{
if(isset($_COOKIE['rememberx']) && isset($_COOKIE['usernamex']) && isset($_COOKIE['userpassx']))
{
unset($_COOKIE[session_name()]);
setcookie("usernamex", $_POST['username'], time());
setcookie("userpassx", $_POST['password'], time());
setcookie("rememberx", $_POST['remember'], time());
}
}
$sqlLogin = "select * from member_mast where username = '".$user."' and password = '".$pass."' and is_deleted_flg=0 and is_profile=0";
$queryLogin = mysql_query($sqlLogin) or die(mysql_error()." Please check the Query");
$totLogin = mysql_num_rows($queryLogin);
//here checking the user is authorized or not
if($totLogin>0)
{
$rsLogin = mysql_fetch_array($queryLogin);
$_SESSION['uid'] = trim($rsLogin['username']);
$_SESSION['memberid'] = trim($rsLogin['user_id']);
$_SESSION['userType'] = trim($rsLogin['member_role']);
if(isset($_POST["page"]) and trim($_POST["page"])!="")
{
$pageName = trim($_POST["page"]);
$pagepassId = trim($_POST["pageid"]);
$redirect_url = "http://www.fakesite.com/fspv2/welcome.php?page=".$pageName."&pageid=".$pagepassId;
}
else
{
//$redirect_url = "http://www.fakesite.com/fspv2/welcome.php";
//$redirect_url = "welcome.php";
$redirect_url = "welcome.php";
}
//header("Location: ".$redirect_url);
?>
<script>window.location.href="<?php echo $redirect_url; ?>";</script>
<!-- <meta http-equiv="refresh" content="0;url=<?php echo $redirect_url; ?>"> -->
<?php
}
else
{
$displayMessage = "Login failed. If you are authorized, try again";
session_destroy();
$state = "inv";
$_SESSION['username'] = $_POST['username'];
$_SESSION['password'] = $_POST['pass'];
$username = $_SESSION['username'];
$password = $_SESSION['password'];
?>
<script>window.location.href="<?php echo $refLink; ?>";</script>
<?php
}
}
else
{
$state = "inv";
$_SESSION['username'] = $_POST['userid'];
$_SESSION['password'] = $_POST['pass'];
$username = $_SESSION['username'];
$password = $_SESSION['password'];
$displayMessage = $strErrorMessage;
?>
<script>window.location.href="<?php echo $refLink; ?>";</script>
<?php
}
}
//header("Location: ".$refLink);
?>
<!--<script>window.location.href="<?php echo $refLink; ?>";</script>--> <!-- <meta http-equiv="refresh" content="0;url=<?php echo $refLink; ?>"> -->
现在当我连接到这个login.php时,如果用户名/ pw是否有效则无关紧要。我得到的唯一回应就是这个
05-18 17:08:50.160: V/RESPONSE(30797): <!--<script>window.location.href="";</script>--> <!-- <meta http-equiv="refresh" content="0;url="> -->
看起来好像javascript
试图重定向我,因为它是移动设备。我可以在那里找到的唯一重定向是将客户端重定向到“welcome.php”,如果他们成功登录就会这样。我已经浏览了网站上的文件,似乎没有移动登录。 php(我可能错了)。应该注意的是,我没有设计我正在尝试登录的网站,该网站正在运行,用户可以从他们的浏览器中的php
文件登录。我也可以访问所有文件。 *我的问题是为什么这个php
文件不允许我通过我的Android应用程序登录而是给我这个奇怪的回复? * 如果您需要查看任何其他代码,请询问。谢谢!
答案 0 :(得分:1)
javascript来自哪里很容易回答:
?>
<!--<script>window.location.href="<?php echo $refLink; ?>";</script>--> <!-- <meta http-equiv="refresh" content="0;url=<?php echo $refLink; ?>"> -->
PHP标记结束后,还有其他文本。即javascript。如果您不想在响应中使用它,则需要将其从PHP文件中删除或放入PHP if条件,以使其仅在某些上下文中显示。
就Android代码而言,您需要添加
nameValuePairs.add(new BasicNameValuePair("cmdSubmit", "Login"));
否则您的第一个if(PHP)子句为false。