我正在尝试修改一个简单的登录脚本。当我执行“checklogin.php”脚本时(在登录表单调用时) - 没有任何反应。我留在index.php,我仍然看到表单(应该已经被一些jquery删除)。如果我打开萤火虫,我会看到:
POST http://localhost/~Eamon/checklogin.php 200 OK 2ms jquery.js (line 8724)
GET http://localhost/~Eamon/templates/login_success.php 302 Found 1ms jquery.js (line 8724)
GET http://localhost/~Eamon/index.php 200 OK 1ms
GET http://localhost/~Eamon/reqscripts/jquery.js?_=1371173056318 200 OK 1ms jquery.js (line 8724)
GET http://localhost/~Eamon/js/application.js?_=1371173056319 200 OK 0
没有任何错误 - 但我想知道所有这些“GET”请求是否正确。他们中的任何一个应该“POST”吗?
这是我的代码:
的index.php
<!DOCTYPE html>
<html>
<head>
<title>it IT</title>
<script src="reqscripts/jquery.js"></script>
<script src="js/application.js"></script>
</head>
<body>
<form id="login" method="post" action="checklogin.php">
<h1>Member Login</h1>
<p>Username:<input name="myusername" type="text" id="myusername"></p>
<p>Password:<input name="mypassword" type="password" id="mypassword"></p>
<input type="submit" name="Submit" value="Login">
</form>
</body>
</html>
checklogin.php
<?php
session_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="bonjour3"; // Mysql password
$db_name="itit"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
$mysqli = new mysqli("$host", "$username", "$password", "$db_name")or die("cannot connect");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$sql = $mysqli->prepare("SELECT * FROM $tbl_name WHERE username=? and password=?");
$sql->bind_param('ss',$myusername,$mypassword);
$sql->execute();
$sql->store_result();//apply to prepare statement
$numRows = $sql->num_rows;
if($numRows === 1){
$_SESSION['username'] = $myusername;
}
else {
echo "Wrong Username or Password";
}
session_destroy();
?>
JS / application.js中
$(document).ready(function() {
$("#login").submit(function(e) {
e.preventDefault();
$.post("checklogin.php", $(this).serialize(), function(){
$("#showuser").load("templates/login_success.php");
$("#login").remove();
});
});
});
模板/ login_success.php
<?php
session_start();
if($_SESSION['username'] === null){
header("location: ../index.php");
}
?>
<!DOCTYPE html>
<html>
<body>
<h1>Login Successful</h1>
<h2>Username: <? echo $_SESSION['username']?></h2>
<a href = "logout.php">Log out</a>
</body>
</html>
更新
以下是尝试登录后的源代码。我将尝试说明为什么我认为$ _SESSION ['username']永远不会被设置(但为什么?)
<!DOCTYPE html>
<html>
<head>
<body>
<div id="showuser">
<title>it IT</title>
<script src="reqscripts/jquery.js">
<script src="js/application.js">
<form id="login" action="checklogin.php" method="post">
<h1>Member Login</h1>
<p>
Username: <input id="myusername" type="text" name="myusername">
</p>
<p>
Password: <input id="mypassword" type="password" name="mypassword">
</p>
<input type="submit" value="Login" name="Submit">
</form>
<form id="register" action="checkreglogin.php" method="post">
<h1>Member Registration</h1>
<p>
Username: <input id="rmyusername" type="text" name="rmyusername">
</p>
<p>
Password: <input id="rmypassword" type="password" name="rmypassword">
</p>
<p>
Email: <input id="myemail" type="text" name="myemail">
</p>
<input type="submit" value="Register" name="Submit">
</form>
<div id="showuser"></div>
</div>
</body>
</html>
注意整个页面是如何划分的......但底部还有空的“showuser”div。这让我很困惑。我认为,当表单调用checklogin.php时 - 出现问题,用户永远不会保存在$ _SESSION ['username']中。因此......当login_success.php被调用时 - $ _SESSION ['username']被设置为null ...而index.php(所有这些)加载到$ .post请求...因为这就是当根据login_success.php,$ _SESSION ['username']为null。本质上...... login_success.php在此过程中的某个地方变成了index.php。启发我!
答案 0 :(得分:0)
想出来,感谢@fattomhk的评论。我不得不将checklogin.php中的session_destroy()行放入else块中......就像这样:
...
else {
echo "Wrong Username or Password";
session_destroy();
}
?>
在checklogin.php脚本运行后会话被破坏 - 因此会话用户名从未被设置...并且login_success.php在加载页面之前检查用户名...如果没有用户名 - 它加载index.php(这就是为什么页面在登录时没有改变的原因。)