我似乎无法让我的重定向工作。首先是班级:
public function LoginUser($username, $password){
// Check if user adn password matches an user in database
if(isset($_POST['username'])){
$username = mysqli_real_escape_string($this->db, $username);
$password = mysqli_real_escape_string($this->db, $password);
$sql = "SELECT * FROM users WHERE name='$username'";
$result = mysqli_query($this->db, $sql) or die('Fel vid SQL-fråga - inloggning');
if(mysqli_num_rows($result)){
$row = mysqli_fetch_array($result);
$stored_password = $row['password'];
// check if hash_equals-function exists
if(function_exists("hash_equals")) {
//If excists
if(hash_equals($stored_password, crypt($password, $stored_password))) {
// create session
header("location: user/loggedin.php");
$_SESSION['login'] = $username;
}else{
echo '*WRONG!*';
}
}else{
//if not exists, use alternate method
if($stored_password == crypt($password, $stored_password)){
// create session that tells that we're logged in
header("location: ../user/loggedin.php");
$_SESSION['name'] = $username;
}else{
echo 'WRONG!';
}
}
}
}
}
我对班级的要求:
<?php
// call class User.php, LoginUser
$users = new User();
if(isset($_POST['loginButton'])){
if($users->LoginUser($_POST['username'], $_POST['password'])){
//header("location: admin/admin.php");
}else{
echo 'wrong username or password';
}
}
答案 0 :(得分:0)
您可以尝试:
if(hash_equals($stored_password, crypt($password, $stored_password))) {
// create session
header("location: user/loggedin.php");
$_SESSION['login'] = $username;
}else if($stored_password == crypt($password, $stored_password)){
// create session that tells that we're logged in
header("location: ../user/loggedin.php");
$_SESSION['name'] = $username;
}else{
echo 'WRONG!';
}
同时检查是否
location: user/loggedin.php
OR
location: ../user/loggedin.php