我跟随这里的教程:
https://www.dropbox.com/s/lta1r9xhk2u2ef0/3592029.doc
我基本上使用了教程中的所有代码。我的问题是,登录后没有重定向 - 它只是停留在登录页面上。我在mysql数据库中创建了一个用户名为“admin”和密码的用户。我相信我正在输入它们 - 这是我的代码:
login.inc.php
<?php
// Include required MySQL configuration file and functions
require_once('config.inc.php');
require_once('functions.inc.php');
// Start session
session_start();
// Check if user is already logged in
if ($_SESSION['logged_in'] == true) {
// If user is already logged in, redirect to main page
redirect('../index.php');
}
else {
// Make sure that user submitted a username/password and username only consists of alphanumeric chars
if ( (!isset($_POST['username'])) || (!isset($_POST['password'])) OR (!ctype_alnum($_POST['username'])) ) {
redirect('../login.php');
}
// Connect to database
$mysqli = @new mysqli(DB_HOSTNAME, DB_USERNAME,
DB_PASSWORD, DB_DATABASE);
// Check connection
if (mysqli_connect_errno()) {
printf("Unable to connect to database: %s",
mysqli_connect_error());
exit();
}
// Escape any unsafe characters before querying database
>real_escape_string($_POST['username']);
>real_escape_string($_POST['password']);
$sql = "SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . md5($password) . "'";
$result = $mysqli->query($sql);
// If one row is returned, username and password are valid
if (is_object($result) && $result->num_rows == 1) {
// Set session variable for login status to true
$_SESSION['logged_in'] = true;
redirect('../index.php');
}
else {
// If number of rows returned is not one, redirect back to login screen
redirect('../login.php');
}
}
?>
的login.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-type" content="text/html;charset=utf-8" />
<title>Creating a Simple PHP and MySQL-Based Login System</title>
</head>
<body>
<form id="login-form" method="post" action="includes/login.inc.php">
Username: <input type="text" name="username" id="username"><br>
Password: <input type="password" name="password" id="password"><br>
<input type="submit" id = "submit" name="Submit" value="Login">
</form>
</body>
</html>
所需的帮助文件是:
functions.inc.php:
<?php
/**
* Crucial Functions for Application
*
* @package tpc_tutorials
* @file /includes/functions.inc.php
*
* Redirects to specified page
*
* @param string $page Page to redirect user to
* @return void
*/
function redirect($page) {
header('Location: ' . $page);
exit();
}
/**
* Check login status
*
* @return boolean Login status
*/
function check_login_status() {
// If $_SESSION['logged_in'] is set, return the status
if (isset($_SESSION['logged_in'])) {
return $_SESSION['logged_in'];
}
return false;
}
?>
的config.inc.php
<?php
/**
* MySQL Database Configuration
*
* @file /includes/config.inc.php
* @note Replace the settings below with those for your MySQL database.
*/
define('DB_HOSTNAME', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', 'xxx');
define('DB_DATABASE', 'itit');
?>
我尝试使用“header(...)”函数切换“redirect()”函数,但没有运气。
更新
我收到了这个错误:
解析错误:语法错误,第13行/Users/Eamon/Sites/includes/login.inc.php中的意外T_STRING
有没有人看到任何语法错误? (login.inc.php)
<?php
error_reporting(E_ALL); ini_set('display_errors', '1');
// Include required MySQL configuration file and functions
require_once('config.inc.php');
require_once('functions.inc.php');
// Start session
session_start();
// Check if user is already logged in
if ($_SESSION['logged_in'] == true) {
// If user is already logged in, redirect to main page
redirect('../index.php');
}
else {
// Make sure that user submitted a username/password and username only consists of alphanumeric chars
if ((!isset($_POST['username'])) || (!isset($_POST['password'])) OR (!ctype_alnum($_POST['username']))) {
redirect('../login.php');
}
// Connect to database
$mysqli = new mysqli(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE);
// Check connection
if (mysqli_connect_errno()) {
printf("Unable to connect to database: %s",
mysqli_connect_error());
exit();
}
// Escape any unsafe characters before querying database
real_escape_string($_POST['username']);
real_escape_string($_POST['password']);
$sql = "SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . md5($password) . "'";
$result = $mysqli->query($sql);
// If one row is returned, username and password are valid
if (is_object($result) && $result->num_rows == 1) {
// Set session variable for login status to true
$_SESSION['logged_in'] = true;
redirect('http://localhost/~Eamon/index.php');
}
else {
// If number of rows returned is not one, redirect back to login screen
redirect('../login.php');
}
}
?>
答案 0 :(得分:2)
您的redirect功能正在设置Location标头。这不适用于相对路径。
redirect('../index.php');
你做不到。您需要使用页面的绝对路径,如:
redirect('http://example.com/index.php');
答案 1 :(得分:0)
会话有效吗?你做过一些调试吗?是否达到了“if(is_object($ result)&amp;&amp; $ result-&gt; num_rows == 1)”块?如果它只是重定向问题,那么你只需要确保在调用重定向功能之前没有空格或打印任何字符。否则如果问题出在其他地方,你必须通过在每一步调试它来找到它。
答案 2 :(得分:0)
// If one row is returned, username and password are valid
if (is_object($result) && $result->num_rows == 1) {
// Set session variable for login status to true
$_SESSION['logged_in'] = true;
redirect('../index.php');
}
else {
// If number of rows returned is not one, redirect back to login screen
redirect('../login.php');
}
如果您的查询返回多于1行,它将重定向到login.php。这也意味着如果您的用户在数据库中存在两次,您将只会被重定向到登录页面。
由于您的SQL查询不会限制结果,因此可能就是这种情况。
最好的方法是找出代码中的最终位置。
例如:将redirect('../index.php');更改为die('redirect to ../index.php')。和redirect('../login.php');到die('redirect to ../login.php')。然后执行您的代码并查看您收到的消息。这将指出你正确的方向。
还要确保错误报告已启用,方法是将error_reporting(E_ALL);和ini_set('display_errors', 1);添加到您的php页面顶部。
答案 3 :(得分:0)
更改重定向功能,因为我认为这是一个路径问题
function redirect($page) {
//assuming your page is smthing like welcome.php
header('Location: http://' . $_SERVER['SERVER_NAME'] . '/' . $page);
exit();
}