Login.php重定向到主页,而不是标题位置
我试图做一个公告板,只有管理员可以登录和张贴更新(学校),我是非常新的php。我的代码在mac上的MAMP服务器上运行良好,但当我将其上载到000webhost.com进行测试时,它在登录后不会重定向到正确的页面,而是重定向到index.php页面 这是我的密码。我没有在conf.php文件中启动会话Login.php重定向到主页,而不是标题位置,php,sql-server,authentication,Php,Sql Server,Authentication,我试图做一个公告板,只有管理员可以登录和张贴更新(学校),我是非常新的php。我的代码在mac上的MAMP服务器上运行良好,但当我将其上载到000webhost.com进行测试时,它在登录后不会重定向到正确的页面,而是重定向到index.php页面 这是我的密码。我没有在conf.php文件中启动会话 <?php // Check if the user is already logged in, if yes then redirect him to welcome page if (
<?php
// Check if the user is already logged in, if yes then redirect him to welcome page
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
header('location: logout.php');
exit;
}
//check if not authorized
// Include config file
require_once '../conf.php';
// Define variables and initialize with empty values
$email = $password = '';
$email_err = $password_err = '';
// Processing form data when form is submitted
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Check if email is empty
if (empty(trim($_POST['email']))) {
$email_err = 'Please enter email.';
} else {
$email = trim($_POST['email']);
}
// Check if password is empty
if (empty(trim($_POST['password']))) {
$password_err = 'Please enter your password.';
} else {
$password = trim($_POST['password']);
}
// Validate credentials
if (empty($email_err) && empty($password_err)) {
// Prepare a select statement
$sql = 'SELECT id, email, password FROM users WHERE email = ?';
if ($stmt = mysqli_prepare($link, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, 's', $param_email);
// Set parameters
$param_email = $email;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Store result
mysqli_stmt_store_result($stmt);
// Check if email exists, if yes then verify password
if (mysqli_stmt_num_rows($stmt) == 1) {
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $email, $hashed_password);
if (mysqli_stmt_fetch($stmt)) {
//if ( password_verify( $password, $hashed_password ) ) {
if (($password == $hashed_password)) {
// Password is correct, so start a new session
//session_start();
// Store data in session variables
$_SESSION['loggedin'] = true;
$_SESSION['id'] = $id;
$_SESSION['email'] = $email;
// Redirect user to welcome page
header('Location: add_notice.php');
} else {
// Display an error message if password is not valid
$password_err = 'The password you entered was not valid.';
}
}
} else {
// Display an error message if email doesn't exist
$email_err = 'No account found with that email.';
}
} else {
echo 'Oops! Something went wrong. Please try again later.';
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($link);
}
?>
只想结束这个问题
如果在conf.php文件中调用session\u start()
,则需要在调用$\u session[]
变量之前包含它
现在,在使用SESSION\u start()
初始化$\u会话之前,您正在检查$\u会话['loggedin']
移动require_once'../conf.php';在该if语句之上,它将起作用,例如
<?php
// Include config file
require_once '../conf.php';
// Check if the user is already logged in, if yes then redirect him to welcome page
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
header('location: logout.php');
exit;
}
//check if not authorized
// Define variables and initialize with empty values
$email = $password = '';
$email_err = $password_err = '';
// Processing form data when form is submitted
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Check if email is empty
if (empty(trim($_POST['email']))) {
$email_err = 'Please enter email.';
} else {
$email = trim($_POST['email']);
}
// Check if password is empty
if (empty(trim($_POST['password']))) {
$password_err = 'Please enter your password.';
} else {
$password = trim($_POST['password']);
}
// Validate credentials
if (empty($email_err) && empty($password_err)) {
// Prepare a select statement
$sql = 'SELECT id, email, password FROM users WHERE email = ?';
if ($stmt = mysqli_prepare($link, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, 's', $param_email);
// Set parameters
$param_email = $email;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Store result
mysqli_stmt_store_result($stmt);
// Check if email exists, if yes then verify password
if (mysqli_stmt_num_rows($stmt) == 1) {
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $email, $hashed_password);
if (mysqli_stmt_fetch($stmt)) {
//if ( password_verify( $password, $hashed_password ) ) {
if (($password == $hashed_password)) {
// Password is correct, so start a new session
//session_start();
// Store data in session variables
$_SESSION['loggedin'] = true;
$_SESSION['id'] = $id;
$_SESSION['email'] = $email;
// Redirect user to welcome page
header('Location: add_notice.php');
} else {
// Display an error message if password is not valid
$password_err = 'The password you entered was not valid.';
}
}
} else {
// Display an error message if email doesn't exist
$email_err = 'No account found with that email.';
}
} else {
echo 'Oops! Something went wrong. Please try again later.';
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($link);
}
?>
是logout.php
您的欢迎屏幕吗?请同时添加formMove require_once'../conf.php';“直接到顶端。”弗雷格利把它移到顶端对我很有用。非常感谢您的帮助。@MaxMuster我知道表单工作正常,所以我没有添加它。我接受了您的回答。而且,这也有道理。非常感谢你的帮助。