PHP登录表单刷新页面而不是重定向
我正在尝试从我的php站点创建一个登录表单,我有以下代码:PHP登录表单刷新页面而不是重定向,php,forms,login,Php,Forms,Login,我正在尝试从我的php站点创建一个登录表单,我有以下代码: <?php session_start(); require("includes/connect.php"); ?> <div class="container"> <form class="form-signin" role="form" action="login.php" method="post">
<?php
session_start();
require("includes/connect.php");
?>
<div class="container">
<form class="form-signin" role="form" action="login.php" method="post">
<h2 class="form-signin-heading">Please sign in</h2>
<input type="text" class="form-control" placeholder="Username" name="username_login" required autofocus>
<input class="form-control" type="password" placeholder="Password" name="user_password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
<label class="forgotten"><a href="forgottenpass.php">Forgotten password?</a></label>
</form>
<?php
//if an admin or user session is already in progress then dont let them log in, redirect to 'index.php'
if (isset($_SESSION['admin']) && ($_SESSION['admin'] == true) || isset($_SESSION['user']) && ($_SESSION['user'] == true)) {
header ("Location: index.php");
//if use not logged in then
}else{
//if username and password are entered, blank before user fills form
$usr = (isset($_POST['username_login'])? $_POST['username_login']:null);
$pwd = (isset($_POST['user_password'])? $_POST['user_password']:null);
$usr = mysqli_escape_string($conn, $usr); //Prevent against SQL Injection by avoiding "\" being executed
$pwd = mysqli_escape_string($conn, $pwd); //Prevent against SQL Injection by avoiding "\" being executed
if ($usr && $pwd){
$epwd = $pwd;
$q = "SELECT * FROM users WHERE UName='$usr' LIMIT 1;";
$resultset = mysqli_query($conn,$q);
$rowcount = mysqli_num_rows($resultset);
if ($rowcount==1){
while ($userRow = mysqli_fetch_assoc($resultset)){
//Get the DB username and password to compare
$dataBaseEmail = $userRow['UName'];
$dataBasePass = $userRow['Password'];
$userGroup = $userRow['UserLevelID'];
}
mysqli_free_result($resultset);
unset($q);
//Compare DB user and pass to those entered
if ($usr == $dataBaseEmail && $epwd == $dataBasePass){
//Now that we know they are activated ect, we can create a session based on their privlidges
if ($userGroup ==1){ //ADMIN load the console
header("Location: index.php");
$_SESSION['admin'] = true;
}else{ //Normal User
header ("Location: logout.php");
$_SESSION['user'] = true;
$_SESSION['user'] = $dataBaseEmail;
}
}else{//user and pass do not match DB
echo '<div class="login-error">Incorrect Password, try again</div>';
}
}else{
echo '<div class="login-error">Error: There is no such user registered on the system. Please check the username and password entered.</div>';
}
}
}
?>
</div> <!-- /container -->
请登录
登录
我确信我以前已经使用过了,但是现在当您输入用户名和密码时,它只会刷新表单,没有错误消息或任何东西,我不知道为什么?头语句必须在任何html代码之前使用。来源:再次检查您的代码,在管理员会话检查之后,您的查询一直处于崩溃状态,因为您没有添加if-form-posted-check 在这条线上
if (isset($_SESSION['admin']) && ($_SESSION['admin'] == true) || isset($_SESSION['user']) && ($_SESSION['user'] == true)) {
header ("Location: index.php");
//if use not logged in then
}else{
if (isset($_SESSION['admin']) && ($_SESSION['admin'] == true) || isset($_SESSION['user']) && ($_SESSION['user'] == true)) {
header ("Location: index.php");
//if use not logged in then
}else
if ( trim($_POST['username_login']) AND trim($_POST['user_password']))
{
您必须将
登录代码,因为在标头将任何输出发送到客户端浏览器后,标头()将不起作用。
<?php
session_start ();
require ("includes/connect.php");
//Check for FORM POST
if (isset ( $_POST ['username_login'] ) && isset ( $_POST ['user_password'] )) {
// if an admin or user session is already in progress then dont let them log in, redirect to 'index.php'
if (isset ( $_SESSION ['admin'] ) && ($_SESSION ['admin'] == true) || isset ( $_SESSION ['user'] ) && ($_SESSION ['user'] == true)) {
header ( "Location: index.php" );
// if use not logged in then
} else {
// if username and password are entered, blank before user fills form
$usr = (isset ( $_POST ['username_login'] ) ? $_POST ['username_login'] : null);
$pwd = (isset ( $_POST ['user_password'] ) ? $_POST ['user_password'] : null);
$usr = mysqli_escape_string ( $conn, $usr ); // Prevent against SQL Injection by avoiding "\" being executed
$pwd = mysqli_escape_string ( $conn, $pwd ); // Prevent against SQL Injection by avoiding "\" being executed
if ($usr && $pwd) {
$epwd = $pwd;
$q = "SELECT * FROM users WHERE UName='$usr' LIMIT 1;";
$resultset = mysqli_query ( $conn, $q );
$rowcount = mysqli_num_rows ( $resultset );
if ($rowcount == 1) {
while ( $userRow = mysqli_fetch_assoc ( $resultset ) ) {
// Get the DB username and password to compare
$dataBaseEmail = $userRow ['UName'];
$dataBasePass = $userRow ['Password'];
$userGroup = $userRow ['UserLevelID'];
}
mysqli_free_result ( $resultset );
unset ( $q );
// Compare DB user and pass to those entered
if ($usr == $dataBaseEmail && $epwd == $dataBasePass) {
// Now that we know they are activated ect, we can create a session based on their privlidges
if ($userGroup == 1) { // ADMIN load the console
header ( "Location: index.php" );
$_SESSION ['admin'] = true;
} else { // Normal User
header ( "Location: logout.php" );
$_SESSION ['user'] = true;
$_SESSION ['user'] = $dataBaseEmail;
}
} else { // user and pass do not match DB
echo '<div class="login-error">Incorrect Password, try again</div>';
}
} else {
echo '<div class="login-error">Error: There is no such user registered on the system. Please check the username and password entered.</div>';
}
}
}
}
?>
<!-- container -->
<div class="container">
<form class="form-signin" role="form" action="login.php" method="post">
<h2 class="form-signin-heading">Please sign in</h2>
<input type="text" class="form-control" placeholder="Username"
name="username_login" required autofocus>
<input class="form-control" type="password" placeholder="Password" name="user_password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
<label class="forgotten">
<a href="forgottenpass.php">Forgotten password?</a></label>
</form>
</div>
<!-- /container -->
请登录
登录
”.mysql\u errno();
}
}
其他的
{
echo mysql_error()。“
”。mysql_errno();
}
//echo$userName.“-”$password;
?>
请登录
登录
您是否在php脚本开头使用了session_start();
请提供完整的代码。添加我已经在使用session_start();我已经更新了我的代码嘿@Carla Dessi,为什么您要将“普通用户”重定向到logout.php标题(“位置:logout.php”)
?这只是一个例子,但即使我更改了它也不起作用。我已经修改了我的代码,但仍然不起作用。你的问题到底是什么?是在提交表单时没有发生什么!你是否尝试过将mysql函数mysqli
替换为mysql
?我填写表单,页面刷新,表单重置ll仅刷新页面如果密码不正确,您是否会收到不正确的密码错误?请检查logout.php
,index.php
中的重定向代码。正确地说,他们可能会将您重定向回登录页面。不,无论我键入什么,都会刷新页面
<form class="form-signin" role="form" action="login.php" method="post">
<h2 class="form-signin-heading">Please sign in</h2>
<input type="text" class="form-control" placeholder = "Username"name="username_login" >
<input class="form-control" type="password" placeholder = "password" name="user_password" >
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
<label class="forgotten"><a href="../forgottenpass.php">Forgotten password?</a></label>
</form>