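So I'm running a registration/login system in PHP, including MySQL.
For testing purposes, after a successful login I redirected the user to index.php, which states that the user is logged in and gives him the option to log out.
Meanwhile, I made the actual html page I plan to use, so instead of header('location:index.php') in my login.php file, I just put in index.html.
Except this happens:
Not Found
The requested URL /registration/index.html was not found on this server.
Any ideas as to why this is? I made sure all the needed files are in the folder itself; index.php shares the same location as index.html.
Am I missing something obvious?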
// LOGIN USER
if (isset($_POST['login_user'])) {
    $username = mysqli_real_escape_string($db, $_POST['username']);
    $password = mysqli_real_escape_string($db, $_POST['password']);
    if (empty($username)) {
        array_push($errors, "Username is required");
    }
    if (empty($password)) {
        array_push($errors, "Password is required");
    }
    if (count($errors) == 0) {
        $password = md5($password);
        $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
        $results = mysqli_query($db, $query);
        if (mysqli_num_rows($results) == 1) {
            $_SESSION['username'] = $username;
            $_SESSION['success'] = "You are now logged in";
            header('location: index.html');
        }else {
            array_push($errors, "Wrong username/password combination");
        }
    }
}
Answer 0 (score: 3)
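Overall, you have more important issues than the redirect problem. It will help you if you create a config file that is included at the top of every base page. Also, using some functions will make your script easier to read; I have added some examples. Do not use md5() for passwords; it is, so to speak, already easily cracked. You want to use password_hash() and password_verify(), and if they are not in your version of PHP (you should upgrade to a version that has them if possible) then use a bcrypt-compatible library. Also, use parameterized values in your SQL; mysqli_real_escape_string() is not good enough. Lastly, I think mysqli is easier to use in its OOP version.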
/config.php
<?php
# Create a constant for your domain, this makes redirect super easy!
define('BASE_URL', 'http://www.example.com');
# Create a constant for your root folder (this config should be in the root)
define('ROOT_DIR', __DIR__);
# Create a function dir
define('FUNCTIONS', ROOT_DIR.'/functions');
# Add session to this page
session_start();
# Add our session var creator
include_once(FUNCTIONS.'/setSession.php');
# Add our get session function (use to retrieve session values)
include_once(FUNCTIONS.'/getSession.php');
# Add our message creator (set all messages via this)
include_once(FUNCTIONS.'/setMessage.php');
# Include our redirect function
include_once(FUNCTIONS.'/redirect.php');
/functions/validate.php
<?php
function validate($username, $password, $con, &$errors)
{
    # Prepare the statement
    $query = $con->prepare("SELECT * FROM users WHERE username = ?");
    # Bind the parameter
    $query->bind_param('s', $username);
    # Execute the query
    $query->execute();
    # Fetch the row (mysqli_stmt has no fetch_assoc(), so go through get_result())
    $result = $query->get_result()->fetch_assoc();
    # Stop if there is no username matching
    if(empty($result['password'])) {
        $errors[] = "Invalid Username or Password.";
        return false;
    }
    # See if the password matches
    return (password_verify($password, $result['password']))? $result : false;
}
/functions/redirect.php
<?php
function redirect($path)
{
    header("Location: {$path}");
    exit;
}
/functions/setSession.php
<?php
function setSession($key, $value, $multi = false)
{
    if($multi)
        $_SESSION[$key][] = $value;
    else
        $_SESSION[$key] = $value;
}
/functions/getSession.php
<?php
function getSession($key = false, $clear = false)
{
    if(!empty($key)) {
        $value = (isset($_SESSION[$key]))? $_SESSION[$key] : false;
        if(isset($_SESSION[$key]) && $clear) {
            unset($_SESSION[$key]);
        }
        # Return the stored value (false when the key is not set)
        return $value;
    }
    return $_SESSION;
}
/functions/setMessage.php
<?php
# It's easier to store in the same key all the time, then you can save multiple
# and retrieve them all at one time with implode()
function setMessage($msg, $key = 'general')
{
    setSession($key, $msg, true);
}
/functions/getMessage.php
<?php
function getMessage($key = 'general', $clear = true)
{
    return getSession($key, $clear);
}
/login.php
<?php
# add the config
include_once(__DIR__.'/config.php');
# Preset the errors array
$errors = [];
# Check for login
if (isset($_POST['login_user'])) {
    # Set all variables to match keys
    $username = (isset($_POST['username']))? trim($_POST['username']) : false;
    $password = (isset($_POST['password']))? trim($_POST['password']) : false;
    # See if empty
    if (empty($username)) {
        array_push($errors, "Username is required");
    }
    if (empty($password)) {
        array_push($errors, "Password is required");
    }
    if (count($errors) == 0) {
        # Add the validate function
        include_once(FUNCTIONS.'/validate.php');
        # Remember, we want to use the OOP version of $db
        $results = validate($username, $password, $db, $errors);
        # If the user array is set
        if (!empty($results)) {
            # May as well store all the user data
            setSession('user', $results);
            # Store username (or use the one in the user array instead)
            setSession('username', $username);
            # Save the success message
            setMessage('You are now logged in', 'success');
            # Put in full domain using our constant
            redirect(BASE_URL.'/index.html');
        }else {
            array_push($errors, "Wrong username/password combination");
        }
    }
}
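The move from md5() to password_hash() recommended in the answer, shown for a users table that already holds md5 digests: each user's hash is replaced the next time they log in successfully. This is an added example, not part of the original answer; the function name verifyAndUpgrade and the sample rows are hypothetical, and it assumes legacy rows store the hex output of md5($password) as in the question's login code.

```php
<?php
declare(strict_types=1);

/**
 * Check a login password against a stored hash and report whether the stored
 * value should be replaced. Assumption: legacy rows hold the 32-character hex
 * output of md5($password), as produced by the login code in the question.
 * Returns [bool $ok, ?string $replacementHash].
 */
function verifyAndUpgrade(string $password, string $stored): array
{
    $isLegacyMd5 = (bool) preg_match('/^[a-f0-9]{32}$/i', $stored);

    if ($isLegacyMd5) {
        // Constant-time comparison of the legacy digest.
        if (!hash_equals(strtolower($stored), md5($password))) {
            return [false, null];
        }
        // Correct password: hand back a modern hash to store in place of the md5.
        return [true, password_hash($password, PASSWORD_DEFAULT)];
    }

    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    // Re-hash when the default algorithm or cost has changed since this hash was made.
    $new = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($password, PASSWORD_DEFAULT)
        : null;
    return [true, $new];
}

// Constructed sample rows (not from the page): one legacy md5 user, one migrated user.
$users = [
    'alice' => md5('correct horse'),
    'bob'   => password_hash('battery staple', PASSWORD_DEFAULT),
];

foreach ([['alice', 'correct horse'], ['alice', 'wrong'], ['bob', 'battery staple']] as [$name, $pw]) {
    [$ok, $newHash] = verifyAndUpgrade($pw, $users[$name]);
    if ($newHash !== null) {
        // In the real script this would be an UPDATE through a prepared statement.
        $users[$name] = $newHash;
    }
    printf("%-5s %-15s ok=%s upgraded=%s\n", $name, $pw, var_export($ok, true), var_export($newHash !== null, true));
}
```

The question's code runs mysqli_real_escape_string() on the password before md5(), so if registration did the same, a legacy password containing quotes or backslashes only matches when that same escaping is applied before the md5 comparison.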