Question

问题

所以，我的问题是我有一个名为login-process.php的文件来处理登录信息。我有另一个名为index.php的文件，它是登录/主页。我的问题是required 'server/login-process.php'，但是当我尝试从$message回显出login-process.php（其中包含登录错误）时，它就不会显示出来。另外，我没有收到任何错误。

的index.php

<!-- HOME PAGE -->

<?php
    include 'server/login-process.php';

    if(isset($_SESSION['user'])){
        header("location: admin.php");
    }
?>

<!DOCTYPE html>
<html>
    <head>
        <?php include'templates/head.php'; ?>

        <!-- STYLES -->
        <link rel="stylesheet" href="assets/css/index/large.css" media="(min-width: 800px)">
    </head>
    <body>
        <nav class="login-nav">
            <ul>
                <li><a href="JavaScript:void(0)"><i class="fa fa-sign-in" aria-hidden="true"></i>Login</a></li>
            </ul>
        </nav> <!-- END OF NAV -->

        <form class="login-form" action="server/login-process.php" method="post">
            <input type="text" name="username" placeholder="Username...">
            <input type="password" name="password" placeholder="Password...">

            <button type="submit" name="login-btn">Login</button>
        </form> <!-- END OF FORM -->

        <?php
            echo "
                <h2>$message</h2>
            ";

         ?>

        <?php include 'templates/scripts.php'; ?>
    </body>
</html>

登录-process.php

<?php

require 'connect.php';

session_start();
session_regenerate_id();

$message = "";

if(isset($_POST['login-btn'])) {

    $username = $_POST['username'];
    $password = $_POST['password'];

    // if input fields are empty
    if(!empty($username) && !empty($password)) {

        try {

            $loginInfo = $link->prepare("SELECT * FROM login WHERE id = 1");
            $loginInfo->execute();
            $loginInfo = $loginInfo->fetch();

            // check if username is correct
            if($username == $loginInfo['username']) {

                // if password if correct
                if(password_verify($password, $loginInfo['password'])) {
                    $_SESSION['user'] = $username;

                    header("location:../admin.php");
                } else {
                    $message = "Your username or password is incorrect";

                    header("location:../index.php");
                }

            } else {
                $message = "Your username or password is incorrect";

                header("location:../index.php");
            }

        } catch(PDOException $e) {
            echo "Error: " . $e->getMessage();
        }

    } else if(empty($username) || empty($password)) {
        $message = "Please add your input values";

        header("location:../index.php");
    }

}

?>

Answer 1

Kindly remove all instance of:

header("location:../index.php");

from the file: login-process.php. You keep redirecting, thereby clearing the value of $_POST.

Answer 2

Your problem is that you are submitting your form for the specific page login-process.php from there if it is everything right you REDIRECT that page to the index page here: header("location:../index.php");. The problem is that when you do that you loose all variables created at that time. PHP works in a REQUEST context so, you submit your login it get processed then you redirect it (it is like you have submitted again).

With your current code you can solve it in two ways

1 - either send your form to the index.php (<form class="login-form" method="post"> if you don't add the action it will submit to the same page, therefore login.php) as it already require the login_process.php code BUT you will have to remove that redirect (header("location:../index.php");) and add some control variables to show the actual index page and not the login form again.

2 - Send the message parameter to the index page so it can receive it and process it like this: header("location:../index.php?message=$message"); and then you check in the index.php if the $_GET['message'] exists and show it.

If you need more details, let me know.

无法从其他文件

2 个答案: