Php会话重定向页面

时间:2014-09-02 05:19:44

标签: php session

好的,我这里有一个简单的php登录会话。有时会话会破坏我甚至不会破坏会话。在我的Index.php中,有一个用于编辑记录的链接。我的问题是,如果会话销毁,我点击编辑,页面打开在模态或fancybox,并显示login.php和我登录后,它转到index.html。我需要做的是不是进入index.html,而是需要使用GET值重定向到edit.php以继续编辑过程。有什么帮助吗?

的index.php 

<a class="fancybox" href="edit.php?pn='.$row["id"].'"><img src="images/edit.png"></a>

Edit.php 

<?php 
session_start();
include('connect.php');
$tbl_name="login_admin";
if(! isset($_SESSION['id'])){
header('location:login.php');
exit;
}
$id = $_SESSION['id'];
$sql = $mysqli->query("SELECT * FROM $tbl_name WHERE username='$id'");
$accounts   = $sql->fetch_assoc();

$term= $mysqli->real_escape_string($_GET["pn"]);
?>

的login.php 

<?php
require_once('connect2.php');

session_start();
$username = $_POST['username'];
$password = $_POST['password'];
$submit = $_POST['submit'];

if($username && $password){
$sql = sprintf("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");
$result = @mysql_query($sql);
$accounts = @mysql_fetch_array($result);
}
if($accounts){
$_SESSION['id'] = $accounts['username'];
header("location:index.html");
exit;
}elseif($submit){
$msg = 'Invalid Username or Password';
}
?>

1 个答案:

答案 0 :(得分:0)

很遗憾,您无法继续编辑过程,但您可以在登录后将用户重定向到编辑页面。

有更多的方法,我将展示其中之一。

  1. 在将用户重定向到登录脚本之前,将其原始URL保存到会话中(另一种方法是将其作为GET参数传递给login.php - 不要忘记以这种方式进行验证):

    2. Edit.php:

    <?php 
session_start();
include('connect.php');
$tbl_name="login_admin";
if(! isset($_SESSION['id'])){
    $_SESSION['original_url']=$_SERVER['REQUEST_URI']
    header('location:login.php');
    exit;
}
// rest of the code.....
    1. 然后将用户重定向到该页面而不是默认的index.html页面

      2. 的login.php:

      <?php
require_once('connect2.php');

session_start();
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$submit = $_POST['submit'];

// Security note: see I've sanitized $username and $password with mysql_real_escape_string() to avoid SQL injection
if($username && $password){
    $sql = sprintf("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");
    $result = mysql_query($sql);
    $accounts = mysql_fetch_array($result);
}

// when account was found store identity to session
if($accounts){
    $_SESSION['id'] = $accounts['username'];

    if (isset($_SESSION['original_url']) {
        // if user came from internal url, redirect to it and remove it from session
        $originalUrl = $_SESSION['original_url'];
        unset($_SESSION['original_url']);
        header("location:".$originalUrl);
        exit;
    } else {
        // redirect user to default page after login
        header("location:index.html");
        exit;
    }

} elseif($submit){
    // login form was sent, but user with given password not found
    $msg = 'Invalid Username or Password';
}
?>
相关问题
最新问题