Question

我有一个密码检查功能，用于设置会话变量并重定向到dashboard.php

<?php
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$myusername=$_POST['username']; 
$mypassword=$_POST['password']; 




if($myusername=="admin" && $mypassword=="admin")
{

$_SESSION['login_user']=$myusername;
header("location: dashboard.php");
}
else 
{
echo "Your Login Name or Password is invalid";
}
}
?>

Dashbord.php会像这样检查会话变量

<?php 
    session_start();
    $user_check=$_SESSION['login_user'];
    if(!isset($user_check))
    {
       header("Location: http://www.none.com/dashboard/login.php");
    }
?>

在仪表板中，我有几个指向php文件的链接，这些文件使用相同的东西来检查会话。

<?php 
    session_start();
    $user_check=$_SESSION['login_user'];
    if(!isset($user_check))
    {
       header("Location: http://www.none.com/dashboard/login.php");
    }
?>

但是当我点击仪表板链接时，我会被重定向到登录页面。但如果我手动导航到链接，我可以访问该页面。我尝试使用以下方法清除会话：

<?php 
session_start();
unset($_SESSION['login_user']);
echo "Logged out of Dashboard";
?>

并尝试手动输入页面，我被重定向到登录，所以代码没问题。但是我需要从仪表板手动导航才能工作。我做错了什么。

add.php

<?php 
       session_start();
        if(!isset($_SESSION['login_user']))
         {
          header("Location: http://www.none.com/dashboard/login.php");
        }
    ?> 
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Add Product Category</title>
    <link rel="stylesheet" type="text/css" href="view.css" media="all">
    <script type="text/javascript" src="view.js"></script>
    <script>
    function validateForm() {
        var x = document.forms["form_974780"]["productname"].value;
        if (x == null || x == "") {
            alert("Please Enter New Product Name");
            return false;
        }
    }
    </script>
    </head
    <body id="main_body" >
    <?php
    if (isset($_POST['submit']))
    {
    $productname=$_POST['productname'];

   //conn goes here 
    $check=$conn->query("SELECT pname FROM products WHERE pname='$productname'");
    $num_rows = mysqli_num_rows($check);
    if($num_rows>0)
    {

    echo "<font color=\"white\">";
    echo("Dealer Already exists ".$productname);
    echo"</font>";
    }
    else
    {
    $result=$conn->query("INSERT INTO products(pname)VALUES('$productname')");
    if($result)
    {
    echo "<font color=\"white\">";
    echo("Successfully Inserted ".$productname);
    echo"</font>";
    }
    else
    {
    echo "<font color=\"red\">";
    echo("Error when inserting");
    echo"</font>";
    }
    }
    mysqli_close($conn);
    } 
    else
    {

    }
    ?>
        <img id="top" src="top.png" alt="">
        <div id="form_container">

            <h1><a>Add Product Category</a></h1>
            <form id="form_974780" class="appnitro"  method="post" action="?" onsubmit="return validateForm()">
                        <div class="form_description">
                <h2>Add Product Category</h2>
                <p></p>
            </div>                      
                <ul >

                        <li id="li_12" >
            <label class="description" for="element_12">Existing Product Categories  </label>
            <div>
            <select class="element select large" id="element_12" name="element_12"> 
    <?php 
    //conn goes here 
    $result=$conn->query("SELECT pname FROM products");
    while ($row=mysqli_fetch_array($result,MYSQLI_ASSOC)){
    echo "<option value='".$row['pname']."'>".$row['pname']."</option>";
    }
    mysqli_close($conn);
    ?> 

            </select>
            </div> 
            </li>       <li id="li_13" >
            <label class="description" for="element_13">Add New Category </label>
            <div>
                <input id="element_13" name="productname" class="element text large" type="text" maxlength="350" value=""/> 
            </div><p class="guidelines" id="guide_13"><small>Enter the new Product Category to add and Click the Submit Button. </small></p> 
            </li>

                        <li class="buttons">
                    <input type="hidden" name="form_id" value="974780" />

                    <input id="saveForm" class="button_text" type="submit" name="submit" value="submit"/>
            </li>
                </ul>
            </form> 

        </div>
        <img id="bottom" src="bottom.png" alt="">
        </body>
    </html>

Answer 1

您只是检查是否设置了$ user_check .. 您还应该检查其中的值。

检查这样的事情。

if(!isset($user_check) or $user_check=="")
{
   header("Location: http://www.none.com/dashboard/login.php");
}

现在它检查它的值。否则，请在检查条件之前避免为$ user_check指定值。做这样的事。

if(!isset($_SESSION['login_user']))
{
   header("Location: http://www.none.com/dashboard/login.php");
}

最后你的代码应该是这样的..

<?php 
session_start();
if(!isset($_SESSION['login_user']))
{
   header("Location: http://www.none.com/dashboard/login.php");
}
?>

希望这会有所帮助..

Answer 2

请试试这个

<?php

session_start();

 $user_check=(isset($_SESSION['login_user']) && !empty($_SESSION['login_user']))?$_SESSION['login_user']:'';



if(empty($user_check))
{
   header("Location: http://www.none.com/dashboard/login.php");
}

?>

将其保存在单独的php中，并将其包含在所有页面中。

当我从另一个页面重定向时，PHP会话检查不起作用

2 个答案: