所以我目前有一个表格,我想要保护,所以我有一个登录会话和会话页面设置来处理,但目前当我去我的table.php页面它只是循环我回到index.php(其中登录已处理)
的index.php
<?php
###########################################################
/*
This software belongs to DSKC.TK using it without the explicit
permission of the owner is strictly prohibited
No modifications should be made to this file without a permission from
the creator of this file
Please contact DSKC.TK for further instructions.
*/
###########################################################
session_name('LoginForm');
@session_start();
error_reporting(0);
include("config.php");
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($db,$_POST['email']);
$mypassword = mysqli_real_escape_string($db,$_POST['password']);
$sql = "SELECT id FROM admin WHERE email = '$myusername' and passcode = '$mypassword'";
$result = mysqli_query($db,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['active'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
session_register("myusername");
$_SESSION['login_user'] = $myusername;
header("location: table.php");
}else {
$error = "Your Login Name or Password is invalid";
}
}
?>
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Login Form</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<!-- Stuff ends here-->
</head>
<body>
<?php
$error = '';
if(isset($_POST['is_login'])){
$sql = "SELECT * FROM ".$SETTINGS["USERS"]." WHERE `email` = '".mysql_real_escape_string($_POST['email'])."' AND `password` = '".mysql_real_escape_string($_POST['password'])."'";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
$user = mysql_fetch_assoc($sql_result);
if(!empty($user)){
$_SESSION['user_info'] = $user;
}
else{
$error = 'Wrong email or password.';
}
}
if(isset($_GET['ac']) && $_GET['ac'] == 'logout'){
$_SESSION['user_info'] = null;
unset($_SESSION['user_info']);
}
?>
<?php if(isset($_SESSION['user_info']) && is_array($_SESSION['user_info'])) { ?>
<form id="login-form" name="form1"> <!-- paste here -->
<div id="form-content">
<div class="welcome">
<?php echo $_SESSION['user_info']['name'] ?>, you are logged in.
<p> Go here <a href="http://dd.22web.org/Test/table.php"> click me </a>
<br /><br />
<?php echo $_SESSION['user_info']['content'] ?>
<br /><br />
<a href="index.php?ac=logout" style="color:#3ec038">Logout</a>
</div>
</div>
</form>
<?php } else { ?>
<form id="login-form" class="login-form" name="form1" method="post" action="index.php">
<input type="hidden" name="is_login" value="1">
<div class="h1">Login Form</div>
<div id="form-content">
<div class="group">
<label for="email">Email</label>
<div><input id="email" name="email" class="form-control required" type="email" placeholder="Email"></div>
</div>
<div class="group">
<label for="name">Password</label>
<div><input id="password" name="password" class="form-control required" type="password" placeholder="Password"></div>
</div>
<?php if($error) { ?>
<em>
<label class="err" for="password" generated="true" style="display: block;"><?php echo $error ?></label>
</em>
<?php } ?>
<div class="group submit">
<label class="empty"></label>
<div><input name="submit" type="submit" value="Submit"/></div>
</div>
</div>
<div id="form-loading" class="hide"><i class="fa fa-circle-o-notch fa-spin"></i></div>
</form>
<?php } ?>
</body>
</html>
这是我处理所有登录内容的index.php,config.php如下:
<?php
###########################################################
/*
This software belongs to DSKC.TK modifying or usage of this file is strictly
prohibited without an explicit permission from the creator.
*/
###########################################################
/* Define MySQL connection details and database table name */
$SETTINGS["hostname"] = '';
$SETTINGS["mysql_user"] = '';
$SETTINGS["mysql_pass"] = '';
$SETTINGS["mysql_database"] = '';
$SETTINGS["USERS"] = 'php_users_login'; // this is the default table name that we used
/* Connect to MySQL */
$connection = mysql_connect($SETTINGS["hostname"], $SETTINGS["mysql_user"], $SETTINGS["mysql_pass"]) or die ('Unable to connect to MySQL server.<br ><br >Please make sure your MySQL login details are correct.');
$db = mysql_select_db($SETTINGS["mysql_database"], $connection) or die ('request "Unable to select database."');
?>
然后我有table.php页面,如果他们没有登录,我希望用户被提示:
<?php
###########################################################
/*
This software belongs to DSKC.TK using it without the explicit
permission of the owner is strictly prohibited
No modifications should be made to this file without a permission from
the creator of this file
Please contact DSKC.TK for further instructions.
*/
###########################################################
include('session.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Table</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
...
</body>
</html>
如果用户没有登录,我想要保护的表页面,但是由于某种原因,它只是将我重定向回login.php,即使我已登录,最后我有代码对于session.php页面:
<?php
include('config.php');
session_start();
$user_check = $_SESSION['login_user'];
$ses_sql = mysqli_query($db,"select username from admin where username = '$user_check' ");
$row = mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
$login_session = $row['email'];
if(!isset($_SESSION['login_user'])){
header("location: index.php");
}
?>
我知道这需要经过很多代码,所以我想提前感谢大家,感谢任何帮助!