这个网页有一个重定向循环PHP?

时间:2013-10-28 03:59:27

标签: php mysql sql session post

在我的索引页面上,我有一个指向admin_login.php页面的链接,其中包含以下代码:

<?php
session_start();
if(!isset($_SESSION["manager"])) {
header("location:admin_login.php");
exit();
 }

$managerID = preg_replace('#[^0-9]#i','', $_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i','', $_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i','', $_SESSION["password"]);

include "../storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT*FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount=mysql_num_rows($sql);
if($existCount==1) {
echo 'Na Na Na Na';
exit();
}

?>

在admin_login.php页面上我有

<?php
session_start();
if(!isset($_SESSION["manager"])) {
header("location:index.php");
exit();
}
?>
<?php
if(isset($_POST["username"])&&isset($_POST["password"])) {

 $manager = preg_replace('#[^A-Za-z0-9]#i','', $_POST["manager"]);
 $password = preg_replace('#[^A-Za-z0-9]#i','', $_POST["password"]);
 include "../storescripts/connect_to_mysql.php";
 $sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND     password='$password' LIMIT 1");
 $existCount=mysql_num_rows($sql);
 if($existCount==1) {
while($row = mysql_fetch_array($sql)) {
$id=$row["id"];
}
$_SESSION["id"]=$id;
$_SESSION["manager"]=$manager;
$_SESSION["password"]=$password;
header("location: index.php");
exit();
   } else { 
echo ' That info is incorrect , try again <a href="index.php"> Click Here </a>';
exit();
    }
    }
    ?>

我正在使用管理面板登录管理员以获取更多程序,但它向我展示了重定向循环的eroor。

1 个答案:

答案 0 :(得分:2)

由于逻辑错误(Redirection Looping ....)而发生

假设 index.php $_SESSION["manager"]由于以下代码未设置

session_start();
if(!isset($_SESSION["manager"])) {
header("location:admin_login.php");
exit();
 }
由于以下代码

,它会转到admin_login.php
session_start();
if(!isset($_SESSION["manager"])) {
header("location:index.php");
exit();
}

它转到index.php

更新 hmmmmm ..........

警告: mysql_ *已被删除...

解决您的问题

这可能取决于你的逻辑......

我可以说一个......

让我选择loginPage.php(你可以将index.php)作为管理员网关 让代码

function LoginChecker()
{ //Returns 0=Not,1=ok,2=Fraud

$hashCode= md5("of your Security Factor"); //something for better security


if(isset($_SESSION["is_LoggedIn_as_Admin"]))
{
if(isset($_SESSION["Logged_Admin_HASH"]))
{
if($_SESSION["Logged_Admin_HASH"]==$hashCode) //something for better security
{
//its login time have your Code Goes 
 return 1;
}
else
{ return 2;}
}
else
{ return 2;}
}
else
{ return 0;}
}

这样检查不仅仅是重定向

if(LoginChecker()==1)
{
//Logged in
}
else
{
//Html Code to show LoginPage or E......
//include "Login.php"
}

提醒在登录时设置$_SESSION["is_LoggedIn_as_Admin"] $_SESSION["Logged_Admin_HASH"]

相关问题
最新问题