第一:代码!
loginform.html
<form action="" method="post" id="loginform">
<h3>Login</h3>
<input type="text" name="username" placeholder="Username">
<br>
<br>
<input type="password" name="password" placeholder="Password">
<br>
<input type="submit" name="logsubmit" value="Login" class="registerbutton">
</form>
login.php
<?php
require_once("../resources/config.php");
require_once("../resources/library/dbconnect.php");
function checkUser($con) {
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$pw = md5($_POST['password']);
$sql="SELECT * FROM `users` WHERE username='$username' and pw='$pw'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_assoc($result);
if ($result==true && $username == $row["username"] && $pw==$row["pw"]) {
$_SESSION["logged_in"] = 1;
$_SESSION["admin"] = $row["admin"];
$_SESSION["username"] = $row["username"];
}
else {
$msg = "Das war nichts! Passwort oder Username falsch? <br>".mysqli_error($con);
unset($_SESSION["logged_in"]);
}
}
}
checkUser($connection);
header('location: ../public_html/index.php');
exit;
?>
index.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Barstone</title>
<link rel="stylesheet" href="css/default.php" type="text/css">
<link href='http://fonts.googleapis.com/css?family=Bitter:700&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
</head>
<body>
<?php require_once("../resources/config.php");
require_once("../resources/library/header_nav.php");?>
<div class="pagewrapper">
<div class="register-container">
<?php if(!isset($_SESSION['logged_in']) || !isset($_POST['regsubmit']))
{require_once("../resources/library/registerform.php");}
if (isset($_POST['regsubmit']) && $_SESSION['register_check']==true) {printf("Success! Welcome %s!",$_POST['username']);}
?>
</div>
<div class="login-container">
<?php if (isset($_SESSION['logged_in'])) { printf ("<form action='../resources/library/logout.php' method='post' id='loginform'><h3> Hello %s! </h3> Nice to see you!<input type='submit' class='logoutbutton' value='logout'> </form>",$_SESSION["username"]);
}?>
<?php if (isset($_POST["logsubmit"])) {require_once("../resources/library/login.php");
}
else { if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");}}
?>
</div>
<div class="content">
<?php require_once("../resources/library/articles.php");?>
</div>
</div>
</body>
</html>
relevant index.php part
{printf ("<form action='../resources/library/logout.php' method='post' id='loginform'>
<h3> Hello %s!</h3> Nice to see you!
<input type='submit' class='logoutbutton' value='logout'>
</form>",$_SESSION["username"]);}
?>
<?php if (isset($_POST["logsubmit"])) {require_once("../resources/library/login.php");}
else {if (!isset($_SESSION['username']))
{require_once("../resources/library/loginform.html");}
}?>
</div>
应该做什么:
如果用户未登录,请显示loginform.html
。
如果按下登录按钮,请使用login.php
登录用户。
有人使用登录表单登录网站后,会显示一条欢迎消息和一个用于退出的新按钮。
这是做什么的:
显示登录表单正常。
在有人登录后,它什么也没显示。但重新加载页面后,按钮就在那里,工作正常。
$_SESSION['logged_in']
变量是使用登录设置的,但为什么页面需要另外重新加载来正确解释此语句?
我承认我这样做并不一定是'最佳实践',我愿意接受任何建议。还在学习。 :)
进行测试:http://hsturnierv2.pixelpioniere.net/public_html/index.php使用pw“test”登录为“test”
答案 0 :(得分:1)
基本上你在做什么:
<?php if (isset($_SESSION['logged_in']))
// output something
?>
<?php
if (isset($_POST["logsubmit"])) {
// process login with login.php
} else {
if (!isset($_SESSION['username'])) {
//display login form
}
?>
好的,这里发生了什么......
用户第一次访问网站。 (未登录且尚未提交登录表单)
$ _ SESSION [&#39; logged_in&#39;]未设置且//输出未达到的内容
$ _ POST [&#39; logsubmit&#39;]未设置且$ _SESSION [&#39;用户名&#39;]未设置 所以登录表单显示
用户提交Loginform $ _SESSION [&#39; logged_in&#39;]未设置且//输出未达到的内容
设置$ _ POST [&#39; logsubmit&#39;]并调用login.php 如果login.php中没有输出,则页面保持空白。 我假设您在login.php
用户在登录后重新加载页面 $ _SESSION [&#39; logged_in&#39;]现在已设置 - &gt;你到达//输出一些东西
我个人会在一个单独的文件中处理登录:
<?php
if(!isset($_SESSION['logged_in'])) {
// redirect to login.php
}
?>
// here comes the content when user is logged in
在login.php中:
<?php
if(isset($_POST['logsubmit']) {
// handle login and redirect to page that needs login if successfull
}
if($loginError) { // print login errors }
// print login form
?>
编辑:不要忘记session_start()(在包含的文件中,session_start()不是必需的)
答案 1 :(得分:0)
问题很可能是你有
的事实 header('location: ../public_html/index.php');
而不是:
header('Location: ../public_html/index.php');
在login.php中。它应该有一个大写L.它没有,你没有重定向,因此空白页......
<强> 更新 强>
所以你重定向确定但你的脚本因某种原因而死亡。这不是一个逻辑错误,而是一个致命的脚本错误,在它可以输出更多内容之前杀死你的脚本...... 您的代码是:
<?php if (isset($_SESSION['logged_in']))
{
printf ("<form action='../resources/library/logout.php' method='post' id='loginform'>
<h3> Hello %s!</h3> Nice to see you!
<input type='submit' class='logoutbutton' value='logout'>
</form>",$_SESSION["username"]);
}
?>
<?php if (isset($_POST["logsubmit"]))
{
require_once("../resources/library/login.php");
}else
{
if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");
}
}
?>
所以我明白了。当某人实际登录时,index.php需要一个login.php,完成后会发送一个重定位头并退出。但是输出已经开始了!你已经有一半的页面了! 因此标头发出错误(可能由于php.ini设置而未显示)然后退出。因此你得半页。
您应该将index.php代码更改为:
<?php
session_start();
if (isset($_POST["logsubmit"]))
{
require_once("../resources/library/login.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Barstone</title>
<link rel="stylesheet" href="css/default.php" type="text/css">
<link href='http://fonts.googleapis.com/css?family=Bitter:700&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
</head>
<body>
<?php require_once("../resources/config.php");
require_once("../resources/library/header_nav.php");?>
<div class="pagewrapper">
<div class="register-container">
<?php if(!isset($_SESSION['logged_in']) || !isset($_POST['regsubmit']))
{
if (isset($msg)) echo $msg .'<br>';
require_once("../resources/library/registerform.php");}
if (isset($_POST['regsubmit']) && $_SESSION['register_check']==true) {printf("Success! Welcome %s!",$_POST['username']);}
?>
</div>
<div class="login-container">
<?php if (isset($_SESSION['logged_in'])) { printf ("<form action='../resources/library/logout.php' method='post' id='loginform'><h3> Hello %s! </h3> Nice to see you!<input type='submit' class='logoutbutton' value='logout'> </form>",$_SESSION["username"]);
}else { if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");}}
?>
</div>
<div class="content">
<?php require_once("../resources/library/articles.php");?>
</div>
</div>
</body>
</html>
这会阻止标头之前的输出,如果输入错误的凭据,也会显示错误。然后你还应该更改你的login.php文件,这样它每次都不会重定向,而只是在登录成功的情况下,如下所示:
<?php
require_once("../resources/config.php");
require_once("../resources/library/dbconnect.php");
function checkUser($con) {
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$pw = md5($_POST['password']);
$sql="SELECT * FROM `users` WHERE username='$username' and pw='$pw'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_assoc($result);
if ($result==true && $username == $row["username"] && $pw==$row["pw"]) {
$_SESSION["logged_in"] = 1;
$_SESSION["admin"] = $row["admin"];
$_SESSION["username"] = $row["username"];
$msg='OK';
}
else {
$msg = "Das war nichts! Passwort oder Username falsch? <br>".mysqli_error($con);
unset($_SESSION["logged_in"]);
}
}
return $msg
}
$result = checkUser($connection);
if ($msg=='OK')
{
header('location: ../public_html/index.php');
exit;
}
?>