面对将文件从一个php文件重定向到另一个php文件的问题

时间:2018-03-07 12:06:10

标签: php html ajax

我正在使用HTML,Ajax,PHP

我想要实现的是,当用户登录并且type="student"必须重定向到simple.php文件时,如果type="marker"应该重定向到另一个marker.php文件。如果凭据错误,则应在同一登录页面上显示错误消息

<script>
    $(document).ready(function(){
        $('#submit').click(function(){
            var username1=$('#username').val();
            var password1=$('#password').val();
            var type1=$('#utype').val();

            $.post("lo.php",{x:username1,y:password1,z:type1},function(validEntry){
                $('#resultDiv').html(validEntry);
            })
            /*
            $.ajax({

                url:"lo.php",
                data:{username2:'username1',password2:'password1',type2:'type1'},
                success:function(data){
                    $('#resultDiv').text(data);
                }
            })*/
        })
    })
</script>

</body>
</html>

这是我的PHP示例代码:

<?php
session_start();

$con=mysqli_connect('localhost','root','','multilevel');

//print $_POST['name']; 
$username3=$_POST['x'];
$password3=$_POST['y'];
$type3=$_POST['z'];

$query="select * from login where username='$username3' and  password='$password3' and type='$type3'";

$run=mysqli_query($con,$query);

$check_entry=mysqli_num_rows($run);




while ($row = mysqli_fetch_array($run)) { 
    if ($row['username'] == $username3 && $row['password'] == $password3 && $row['type'] == 'Student') 

    {
        $_SESSION["username1"] = $username3; 
        header("Location:simple.php");

    } elseif ($row['username'] == $username3 && $row['password'] == $password3 && $row['type'] == 'Marker') {


        $_SESSION["username1"] = $username; 
        header("Location:simple1.php");
    } else {

        print "<h2>Username or password is incorrect</h2>";
        exit();
    }

}

?>

1 个答案:

答案 0 :(得分:0)

使用ajax时,不得使用php标头重定向,您需要侦听服务器响应,然后根据响应使用前端的jquery重定向。

您的服务器端:

<?php
ob_start();
session_start();
$data     = array();
$redirect = array();
$message  = array();

$con = mysqli_connect('localhost', 'root', '', 'multilevel');

$username3 = $_POST['x'];
$password3 = $_POST['y'];
$type3     = $_POST['z'];

$query = "SELECT * from login where username='$username3' and  password='$password3' and type='$type3'";

$run = mysqli_query($con, $query);

$check_entry = mysqli_num_rows($run);


while ($row = mysqli_fetch_array($run)) { 
    if ($row['username'] == $username3 && $row['password'] == $password3 && $row['type'] == 'Student') 
        {
        $_SESSION["username1"] = $username3; 
        $redirect['redirect']  = "simple.php"; //redirect
        $message['success']    = "ok";

    } elseif ($row['username'] == $username3 && $row['password'] == $password3 && $row['type'] == 'Marker') {

        $_SESSION["username1"] = $username; 
        $redirect['redirect']  = "marker.php"; //redirect
        $message['success']    = "ok";
    } else {

        $message['error'] = "Username or password is incorrect";
    }

}

$data['message']   = $message;
$data['redirects'] = $redirect;

ob_end_clean();

echo json_encode($data);
?>

然后在客户端。

<script>
    $(document).ready(function(){
        $('#submit').click(function(event){
            event.preventDefault();

            var username1=$('#username').val();
            var password1=$('#password').val();
            var type1=$('#utype').val();            
            $.ajax({

                url:"lo.php",
                data:{username2:'username1',password2:'password1',type2:'type1'},
                dataType :"json",
                encode : true,
                success:function(data){
                    if(data.message.success == "ok"){
                        //if response is ok then login success
                var redirectUrl = JSON.stringify(data.redirects);
                redirectUrl = redirectUrl.replace(/[{"":}]/g, '');
                var url = redirectUrl.replace('redirect','');
                setTimeout(' window.location.href = "'+ url + '"; ', 6000);
                    $('#resultDiv').html("Login success redirecting...");
                    }else{
                       $('#resultDiv').text(data.message.error); 
                    }

                }
            });
        });
    });
</script>
  

注意:你需要照顾的事情;

     
      
  1. 不要将密码作为纯文本存储在数据库中,使用password_hash()和password_verify()来保护您的密码。
  2.   
  3. 使用预准备语句,以防止sql注入,因为您的代码不安全,
  4.   

有关我上面所说的更多内容,请参阅Manuel