强制登录页面首先显示

时间:2016-10-03 14:35:28

标签: php html

我的登录页面工作正常。

它不使用用户数据库,它在代码中使用预定义的用户名和密码。我唯一无法做的就是在index.php之前首先显示登录页面。任何人都可以输入index.php并打开网站,这样就不会使用登录页面了。

这是我的login.php 

<?php
ob_start();
session_start();
?>

<html lang = "en">

<head>
  <title>Alpine VW Extension List</title>
  <link href = "css/bootstrap.min.css" rel = "stylesheet">

  <style>
     body {
        padding-top: 40px;
        padding-bottom: 40px;
        background-color: #ADABAB;
     }

     .form-signin {
        max-width: 330px;
        padding: 15px;
        margin: 0 auto;
        color: #017572;
     }

     .form-signin .form-signin-heading,
     .form-signin .checkbox {
        margin-bottom: 10px;
     }

     .form-signin .checkbox {
        font-weight: normal;
     }

     .form-signin .form-control {
        position: relative;
        height: auto;
        -webkit-box-sizing: border-box;
        -moz-box-sizing: border-box;
        box-sizing: border-box;
        padding: 10px;
        font-size: 16px;
     }

     .form-signin .form-control:focus {
        z-index: 2;
     }

     .form-signin input[type="email"] {
        margin-bottom: -1px;
        border-bottom-right-radius: 0;
        border-bottom-left-radius: 0;
        border-color:#017572;
     }

     .form-signin input[type="password"] {
        margin-bottom: 10px;
        border-top-left-radius: 0;
        border-top-right-radius: 0;
        border-color:#017572;
     }

     h2{
        text-align: center;
        color: #017572;
     }
  </style>

</head>

<body>

  <h2>Welcome, Please Login</h2> 
  <div class = "container form-signin">

     <?php
        $msg = '';

        if (isset($_POST["login"]) && !empty($_POST["username"]) 
           && !empty($_POST['password'])) {

           if ($_POST["username"] == "admin" && 
              $_POST["password"] == "admin") {
              $_SESSION["valid"] = true;
              $_SESSION["timeout"] = time();
              $_SESSION["username"] = "admin";

              header("location:index.php");
           }else {
              $msg = 'Wrong username or password';
           }
        }
     ?>
  </div> <!-- /container -->

  <div class = "container">

     <form class = "form-signin" role = "form" 
        action = "<?php echo htmlspecialchars($_SERVER['PHP_SELF']); 
        ?>" method = "post">
        <h4 class = "form-signin-heading"><?php echo $msg; ?></h4>
        <input type = "text" class = "form-control" 
           name = "username" placeholder = "username = tutorialspoint" 
           required autofocus></br>
        <input type = "password" class = "form-control"
           name = "password" placeholder = "password = 1234" required>
        <button class = "btn btn-lg btn-primary btn-block" type = "submit" 
           name = "login">Login</button>
     </form>


  </div> 

</body>
</html>

1 个答案:

答案 0 :(得分:1)

您需要设置会话变量,就像您在上面的代码中所做的一样。

$_SESSION["valid"] = true;

然后在index.php页面上,您需要启动会话并检查有效会话变量是否设置为true,如果没有重定向回登录页面

session_start();
if($_SESSION["valid"] != true){
    header("location: login.php");
}

要从评论中清除这一点,您只需将它放在index.php文件的顶部(显然在PHP标记中),并且每次加载索引页时都会检查它。

相关问题
最新问题