我启用了虚荣网址(user.domain.com)。当会话过期或有人清除cookie时,页面将被重定向到具有登录页面的user.domain.com。因此,在所有页面上,我使用以下代码:
if(!isset($_SESSION['user_name'])) { header("Location: http://$_SERVER[HTTP_HOST]");}
10次中的2次我收到重定向错误,指出该页面重定向次数过多。
这可能是原因吗?如果我能做的是以不会导致此类问题的方式重定向。
感谢。
登录代码:
<?php
session_start();
// Process the POST variables
$username = $_SESSION["user_name"];
//$password = $_POST["password"];
// Set up the session variables
$_SESSION["user_name"] = $username;
$ugData = $_REQUEST['sub_name'];
if($_POST){
$_SESSION['user_name']=$_POST["user_name"];
$_SESSION['password']=$_POST["password"];
}
$secret = $info['password'];
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT user_name, password FROM accounts WHERE user_name = '$username' and sub_name='$ugData'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if (@ $info['password'] != $pass)
{
}
else
{
header("Location: home.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['user_name'] | !$_POST['password']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['user_name'] = addslashes($_POST['user_name']);
}
$check = mysql_query("SELECT user_name,password FROM accounts
WHERE user_name = '".$_POST['user_name']."'
and sub_name='".$ugData."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.
<a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['password'] = md5($_POST['password']);
$_POST['password'] = $_POST['password'];
//gives error if the password is wrong
if (@ $_POST['password'] != $info['password']) {
die('Incorrect password, please try again');
}
else
{
// if login is ok then we add a cookie
$_POST['user_name'] = stripslashes($_POST['user_name']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['user_name'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
//then redirect them to the members area
header("Location: home.php");
}
}
}
else
{
?>
答案 0 :(得分:1)
假设重定向到http://yourserver/表示http://yourserver/index.php,那么您应该更改if以阅读
if(!isset($_SESSION['user_name']) && $_SERVER['PHP_SELF'] != '/index.php')
{
header("Location: http://$_SERVER[HTTP_HOST]");
}
这将避免无休止的重定向。
答案 1 :(得分:1)
header("Location: http://{$_SERVER['HTTP_HOST']}");不是问题所在。
但是,如果您的登录页面上确实有该代码,那么您只需将自己重定向到主页,因为您将无法登录。
如果用户在登录页面上,请确保不重定向用户。
编辑:试试header('Location: /');也许您有一些奇怪的服务器问题,导致$_SERVER['HTTP_HOST']有时会为空。
答案 2 :(得分:0)
尝试使用die():
if(!isset($_SESSION['user_name'])) { header("Location: http://user.domain.com"); die();}
如果url从用户更改为用户首先从db获取用户名,并在重定向中使用它。尝试类似:
...
$username = $row["username"];
...
并使用它:
if(!isset($_SESSION['user_name'])) { header("Location: http://".$username.".domain.com"); die();}