我正在尝试为数据库开发接口,但是我在php中不是很实际。我想做的是登录后显示主页。但是,重定向不起作用。
所需行为: 1)index.php->登录表单/登录凭据
2)将凭据登录名发送到authenticate.php,如果一切正确,则查看主页
当前行为: 发送凭据后,authenticate.php不会更改homepage.php中的页面,而是保留空白页面。
authenticate.php
<?php require_once ('connect.php');
ob_start();
session_start();
// Now we check if the data was submitted, isset will check if the data exists.
if ( !isset($_POST['username'], $_POST['password']) ) {
// Could not get the data that should have been sent.
die ('Username and/or password does not exist!');
}
if ($stmt = $connect->prepare('SELECT username, password FROM user WHERE username = ?')) {
// Bind parameters (s = string, i = int, b = blob, etc), hash the password using the PHP password_hash function
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
$stmt->store_result();
// Store the result so we can check if the account exists in the database.
if ($stmt->num_rows > 0) {
$stmt->bind_result($username, $password);
$stmt->fetch();
$hash = hash('sha256', $_POST['password']);
// Account exists, now we verify the password.
if (hash_equals($password, $hash)) {
$_SESSION['loggedin'] = TRUE;
$_SESSION['username'] = $_POST['username'];
header('Location: homepage.php');
$output = ob_get_clean();
} else {
echo 'Incorrect username and/or password!';
}
} else {
echo 'Incorrect username and/or password!';
}
$stmt->close();
} else {
echo 'Could not prepare statement!';
}
?>
connect.php
<?php
$config = parse_ini_file('pathToFile...\credential.ini');
$connect = @mysqli_connect('localhost',$config['username'],$config['password'],$config['dbname']);
unset($config);
?>
homepage.php
<?php require_once ('connect.php');
// check to see if the user is logged in
if ($_SESSION['loggedin']) {
// user is logged in
echo 'Welcome!';
} else {
// user is not logged in, send the user to the login page
header('Location: index.php');
}
?>