Php 登录未正确重定向
我试图在一个网站上登录,它连接到数据库,并对其进行检查,但重定向不起作用(login.php到loggedin.php)。我在校对我自己的代码时表现得非常糟糕,并且已经兜了一段时间圈子了。如果有人能帮助我,我将非常感激!先谢谢你 登录页面&u page.inc.phpPhp 登录未正确重定向,php,Php,我试图在一个网站上登录,它连接到数据库,并对其进行检查,但重定向不起作用(login.php到loggedin.php)。我在校对我自己的代码时表现得非常糟糕,并且已经兜了一段时间圈子了。如果有人能帮助我,我将非常感激!先谢谢你 登录页面&u page.inc.php <?php # Script 11.1 - login_page.inc.php // this page prints any errors associated with logging in //and create
<?php # Script 11.1 - login_page.inc.php
// this page prints any errors associated with logging in
//and creates te entire login page, including the fom
//include the header:
$page_title = 'Login';
include ('includes/header.html');
//print any error messages if they exist:
if (!empty($errors))
{
echo '<h1>Error!</h1>
<p class="error">The following error(s) occurred:</br>';
foreach ($errors as $msg)
{
echo "- $msg</br>\n";
}
echo '</p><p>Please try again.</p>';
}
//display form
?>
<h1>Login</h1>
<form action=login.php" method="post">
<p>Email Address: <input type="text" name="email" size="20" maxlength="80"/></p>
<p>Password: <input type="password" name="pass" size="20" maxlength="20"/></p>
<p><input type="submit" name="submit" value="Login"/></p>
<input type="hidden" name="submitted" value="TRUE"/>
</form>
<?php //include the footer:
include ('includes/footer.html');
?>
登录
如果任何文件包含发送到浏览器的任何代码,PHP会自动发送所有标题。发送邮件头后,您不能再发送新邮件头,它会删除您的位置:
邮件头。PHP应该抛出一个通知,在日志中查找它和/或设置正确的错误报告
标志
这包括换行符或空格,或者在?>
标记块之后的任何内容。从我所看到的,您的脚本没有任何问题。。。在这里,但我不确定的内容
includes/header.html
index.php
您还需要更换
不要在标题前包含任何空行('Location:$url')。因为这会阻止发送标头,并且您无法重定向到您想要的位置。问题发生在SHA1与数据库的对话中,其中by SHA1为(40)强,数据库设置为(20)。这是一个恼人的问题,但尚未解决。Var_dump用于与数据库对话,以证明输入的信息是正确的,但它确实显示了数据库中保存的密码是(20),为登录输入的密码是(40)。确切地说,它是如何工作的?你想重定向到哪里?总导演?或者loggedin.php?哪个重定向失败?如果($check)
,里面的那一个?您是否验证了absolute\u url()
的输出是正确和有效的?loggedin.php是我试图访问的地方。当试图重定向到loggedin时,它告诉我该页面不存在。我一次又一次地浏览,但不明白为什么不会。没有人会读你的代码。你试了什么?你已经把问题孤立出来了吗?错误已经解决了,被否决的票是天才,而那些人显然帮不了忙。感谢所有这样做的人!=)这会阻止loggedin.php被加载吗?目前,我在尝试登录时出现404错误。我在php中没有遇到过这样的错误。对php来说比较新。啊,相关错误!如果你告诉我这些,我只是在猜测发生了什么。您确定两个文件都在同一个案例中吗?目标url正确吗?类Unix的Web服务器往往区分大小写,抱歉!刚刚编辑了它,是的,login和loggedin都在同一个目录文件夹中。同样的大小写:我的意思是像大写或小写。试着查看呈现的源代码,为login.php
拉出生成的url。这个url有意义吗?文件真的在那个位置吗?这是问题之一(令人尴尬的是,我不擅长校对我自己的东西)。但我现在收到一个错误,说密码和电子邮件不匹配,当我确定它们匹配时(我打开了phpmyadmin,可以看到它们匹配)。我得到“发生了以下错误:-输入的电子邮件地址和密码与文件中的不匹配。”即使电子邮件和密码都是正确的,我可以看到匹配它们的数据库表,所以我不确定出了什么问题?
<?php # loggedin.php
//this is where the user is directed from login.php
session_start();
//if no cookie is present redirect the user:
//if (!isset($_COOKIE['user_id']))
if (!isset($_SESSION['user_id']))
{
//the functions need to create an absolute url
require_once ('includes/login_functions.inc.php');
$url = absolute_url();
header("Location: $url");
exit(); //exit script
}
//set the page title and include the header
$page_title = 'Logged in.';
include ('includes/header.html');
//welcome message
echo "<h1>Logged in!</h1>
<p>You have successfully logged in, {$_SESSION['first_name']}!</p>
<p><a href=\"logout.php\">Logout</a></p>";
include ('includes/footer.html');
?>
<?php # login.php
//this page processes the login form submission
//upon successful login the user's redirected
//two include files are needed for this
//send nothing to the web browser prior to the setcookie() lines
//check if the form has been submitted:
if (isset($_POST['submitted']))
{
//for processing the login:
require_once ('includes/login_functions.inc.php');
//need the database connection:
require_once ('includes/mysqli_connect.php');
//check the login
list ($check, $data) = check_login($dbc, $_POST['email'], $_POST['pass']);
if($check)
{
/*ok, set cookies to last one hour after it is set
setcookie ('user_id', $data ['user_id'], time()+3600, '/', '', 0, 0);
setcookie ('first_name', $data ['first_name'], time()+3600, '/', '', 0, 0);*/
session_start();
$_SESSION['user_id'] = $data['user_id'];
$_SESSION['first_name'] = $data['first_name'];
//redirect
$url = absolute_url ('loggedin.php');
header("Location: $url");
exit(); //quit the script
}
else
{
//assign errors to $data for error reporting in the login_page.inc.php
$errors = $data;
}
mysqli_close($dbc); //close the database connection
} //end of main submit condition
include ('includes/login_page.inc.php');
?>
<?php #- login_functions.inc.php
//this page defines two functions used by the login/logout process.
/*this function determines and returns an absolte URL
*takes one argument: the page that concludes the URL
*the arguement defaults to index.php
*/
function absolute_url ($page = 'index.php')
{
//start defining the URL. . .
//URL is http:// plus the host name plus current directory:
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
//remove any trailing slashes:
$url = rtrim($url, '/\\');
//adding the page. . .
$url.= '/' . $page;
//return to the url
return $url;
} //end of the absolute_url function
/* this function validates the form data (the email address and password)
*if both are present the database is queried
*this function requires a database connection
* the function returns an array of information. including:
* - a TRUE or FALSE variable indicating a success or failure
* - an array of either errors or the database return result
*/
function check_login($dbc, $email = '', $pass = '')
{
$errors = array(); //starting error array
//validate email address
if (empty($email))
{
$errors[] = 'You forgot to enter your email address.';
}
else
{
$e = mysqli_real_escape_string($dbc, trim($email));
}
//validate the password
if (empty($pass))
{
$errors[] = 'You forgot to enter your password.';
}
else
{
$p = mysqli_real_escape_string($dbc, trim($pass));
}
if (empty($errors))
{
/*if everything's okay
*retrieve the user_id and the first_name for that
*email+password combination:
*/
$q = "SELECT user_id, first_name FROM site_users WHERE email='$e' AND pass=SHA1('$p')";
$r = @mysqli_query ($dbc, $q); //run the query
//check the result and making sure that both fields are in the same row
if(mysqli_num_rows($r) ==1)
{
//fetch the record
$row = mysqli_fetch_array ($r, MYSQLI_ASSOC);
//return true and the record:
return array(true, $row);
}
else
{
//not a match
$errors[] = 'The email address and password entered do not match those on file.';
}
}//end of empty($errors) IF.
//return false and the errors:
return array(false, $errors);
} //end of check_login() function
?>