我正在开发一个可以在主服务器上访问的osCommerce项目,但是当我尝试在LOCALHOST上访问项目的管理部分时,登录页面确实接受了我的登录,理想情况下它应该接受我的登录和重定向我索引,PHP .. 下面是我正在使用的登录脚本..
<?php
require('includes/application_top.php');
if ($session_started == false) {
echo 'session not started';
}
$error = false;
if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
$password = tep_db_prepare_input($HTTP_POST_VARS['password']);
// Check if email exists
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
if (!tep_db_num_rows($check_admin_query)) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
$check_admin = tep_db_fetch_array($check_admin_query);
//BOF code for cPanel installer - convert password to cre hash
$check_password = $check_admin['login_password'];
if (substr($check_password, 0, 8) == '_cPanel_'){
$check_password = substr($check_password, 8);
$password_hash = tep_encrypt_password($check_password);
tep_db_query("UPDATE " . TABLE_ADMIN . " SET admin_password = '" . $password_hash . "'");
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
$check_admin = tep_db_fetch_array($check_admin_query);
}
//EOF code for cPanel installer - convert password to cre hash
// Check that password is good
if (!tep_validate_password($password, $check_admin['login_password'])) {
$HTTP_GET_VARS['login'] = 'fail';
} else {
if (tep_session_is_registered('password_forgotten')) {
tep_session_unregister('password_forgotten');
}
$login_id = $check_admin['login_id'];
$login_groups_id = $check_admin[login_groups_id];
$login_firstname = $check_admin['login_firstname'];
$login_email_address = $check_admin['login_email_address'];
$login_logdate = $check_admin['login_logdate'];
$login_lognum = $check_admin['login_lognum'];
$login_modified = $check_admin['login_modified'];
tep_session_register('login_id');
tep_session_register('login_groups_id');
tep_session_register('login_firstname');
//$date_now = date('Ymd');
tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");
if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin@localhost') || ($login_modified == '0000-00-00 00:00:00')) {
tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, '', 'SSL'));
} else {
tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
}
}
}
}
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
include('includes/functions/rss2html.php');
?>
我尝试跟踪此问题,每当我使用正确的电子邮件和密码登录时,它都不会给我“ $ HTTP_GET_VARS ['action'] ”
有人可以指导我这里出错吗?
根据初始回复
我在localhost中启用了register_long_arrays,并且在输入错误的电子邮件地址和密码时效果很好..
答案 0 :(得分:2)
HTTP_GET_VARS之类的变量称为长数组,不推荐使用 - 并且可以禁用。
请参阅 register_long_arrays 指令,关于此问题:可能是您的服务器已停用?
您应该使用$HTTP_GET_VARS超全局数组而不是$_GET。
有关参考文献,请参阅:
注意:操作系统商务是一个相当古老的软件,并且是在不推荐使用长数组之前开发的 - 这可能就是为什么它们被使用...以及为什么可以在PHP中启用register_long_arrays指令配置。
当然,这不建议用于新软件......但如果你必须使用它...它可能比替换$HTTP_GET_VARS的每个实例更容易。
答案 1 :(得分:0)
$ HTTP_GET_VARS已旧并且已弃用,请改用$ _GET。同样适用于其他超级全球:$ _POST,$ _REQUEST,$ _SERVER,$ _COOKIES,$ _FILES等。
答案 2 :(得分:0)
尝试使用$_GET['action']代替$ HTTP_GET_VARS['action']。我建议您完全将$HTTP_GET_VARS替换为$_GET。
从PHP 5.0.0开始,PHP很长 预定义的变量数组可能是 使用register_long_arrays禁用 指令。
答案 3 :(得分:0)
从PHP 5.0.3开始,长期预定义的数组HTTP_GET_VARS被默认禁用。请改用:
$_GET['action'];