我使用html和php创建了一些页面。在主页中,我有所有页面的链接。现在我想为每个页面添加身份验证。没有身份验证,页面就不应该打开。
为此,我创建了一个用于检查身份验证的登录页面。 现在从主页我想打开登录页面,如果点击了任何页面的链接,如果登录成功,我想打开点击链接的页面。
主页:
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Questions</title>
</head>
<body>
<a href="chapter.php">Add a chapter</a><br><br>
<a href="MainPage.php">Upload a file</a><br><br>
<a href="videoFile.php">Upload a video</a><br><br>
<a href="mcq.php">Add a question</a><br><br>
<a href="chapterDelete.php">Delete chapters</a><br><br>
<a href="deleteFiles.php">Delete Files</a><br><br>
<a href="deleteVideoFiles.php">Delete video Files</a><br><br>
<a href="deleteQuestions.php">Delete questions</a>
</body>
</html>
登录页面:
<!DOCTYPE html>
<html>
<head>
<body>
<form action="Login.php" method="post" enctype="multipart/form-data">
Enter Username : <input name = "userName" type = "text"><br><br>
Enter Password : <input name = "pass" type = "text"><br><br>
<input name="submit" type="submit" value = "Submit"><br><br>
<?php
header("Cache-Control: no-cache, no-store, must-revalidate"); // HTTP 1.1.
header("Pragma: no-cache"); // HTTP 1.0.
header("Expires: 0"); // Proxies.
ini_set('display_errors', 1);
error_reporting(1);
ini_set('error_reporting', E_ALL);
$dbh = new PDO('mysql:host=174.138.74;dbname=_pro','rpro', 'ro12345');
if(isset($_POST['submit'])) {
if (!empty($_POST['userName']) && !empty($_POST['pass'])) {
$stmt = $dbh->prepare("select * FROM `users` WHERE `username`= :uName and `pass` = :pass");
$stmt->bindParam("uName", $_POST['userName']);
$stmt->bindParam("pass", $_POST['pass']);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$count = $stmt->rowCount();
if ($count > 0) {
echo 'Login Successful.';
?>
<?php
} else {
echo 'Please enter correct username and password.';
}
}
else{
echo 'Please enter username and password.';
}
}
?>
</form>
</body>
</head>
</html>
我怎样才能做到这一点?请帮忙。谢谢..
答案 0 :(得分:1)
您可以将所有链接设为这些......
<a href="login.php?redirect=chapter">Add a chapter</a><br><br>
<a href="login.php?redirect=MainPage">Upload a file</a><br><br>
<a href="login.php?redirect=videoFile">Upload a video</a><br><br>
<a href="login.php?redirect=mcq">Add a question</a><br><br>
<a href="login.php?redirect=chapterDelete">Delete chapters</a><br><br>
<a href="login.php?redirect=deleteFiles">Delete Files</a><br><br>
<a href="login.php?redirect=deleteVideoFiles">Delete video Files</a><br><br>
<a href="login.php?redirect=deleteQuestions">Delete questions</a>
然后,当用户点击任何链接时,它会将其重定向到login.php页面。在那里进行所有类型的用户凭证验证和&amp;如果发现验证为TRUE,则从前一个链接获取redirect部分URL&amp;
$destination_page = $_GET['redirect'];
&安培;将用户重定向到该页面,否则请求用户再次登录。
答案 1 :(得分:0)
您可以使用会话进行身份验证:
答案 2 :(得分:0)
设置会话变量。请注意,您应该在任何输出之前将标题放在顶部。
header("Cache-Control: no-cache, no-store, must-revalidate"); // HTTP 1.1.
header("Pragma: no-cache"); // HTTP 1.0.
header("Expires: 0"); // Proxies.
ini_set('display_errors', 1);
error_reporting(1);
ini_set('error_reporting', E_ALL);
$dbh = new PDO('mysql:host=174.138.74;dbname=_pro','rpro', 'ro12345');
if(isset($_POST['submit'])) {
if (!empty($_POST['userName']) && !empty($_POST['pass'])) {
$stmt = $dbh->prepare("select * FROM `users` WHERE `username`= :uName and `pass` = :pass");
$stmt->bindParam("uName", $_POST['userName']);
$stmt->bindParam("pass", $_POST['pass']);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$count = $stmt->rowCount();
if ($count > 0) {
$_SESSION['authenticated_user'] = $_POST['userName'];
header("Location: http://www.example.com/loginsuccess.php");
?>
<?php
} else {
echo 'Please enter correct username and password.';
}
}
else{
echo 'Please enter username and password.';
}
}else{
?><!DOCTYPE html>
<html>
<head>
<body>
<form action="Login.php" method="post" enctype="multipart/form-data">
Enter Username : <input name = "userName" type = "text"><br><br>
Enter Password : <input name = "pass" type = "text"><br><br>
<input name="submit" type="submit" value = "Submit"><br><br>
</form>
</body>
</head>
</html>
<?php
}
?>
现在在其他页面上通过检查会话来检查它们是否经过身份验证。
<?php
if (!isset($_SESSION['authenticated_user'])){
header("Location: http://www.example.com/noaccess.php");
}
?>