所以这是this post的后续行动。我正在尝试使用帖子链接中的代码登录。它有效,但我相信login.php文件中有一些我不知道的事情。这是大多数login.php文件,我提前为代码墙道歉。
<?php
session_start();
error_reporting(E_ALL^ E_NOTICE);
//include the connection and variable defination page
include("include/server.php");
include("include/function.php");
//checking the form has been submit by user or not
if(isset($_POST['cmdSubmit']) and $_POST['cmdSubmit']="Login")
{
//$refLink = $_SERVER['HTTP_REFERER'];
$refLink = "index.php?err_msg=1";
$user = addslashes($_POST['username']);
$pass = addslashes($_POST['password']);
$remember = $_POST['remember'];
$strErrorMessage = "";
if($user==""){
$strErrorMessage = "User Name can not be blank";
}
if($pass==""){
$strErrorMessage = "Password can not be blank";
}
if($user=="" and $pass==""){
$strErrorMessage = "User Name and Password can not be blank";
}
if($strErrorMessage=="")
{
if(isset($_POST['remember'])){
//removing all the cookie at set the user name password in cookies
unset($_COOKIE[session_name()]);
setcookie("usernamex", $_POST['username'], time()+60*60*24*100);
setcookie("userpassx", $_POST['password'], time()+60*60*24*100);
setcookie("rememberx", $_POST['remember'], time()+60*60*24*100);
}else{
if(isset($_COOKIE['rememberx']) && isset($_COOKIE['usernamex']) && isset($_COOKIE['userpassx']))
{
unset($_COOKIE[session_name()]);
setcookie("usernamex", $_POST['username'], time());
setcookie("userpassx", $_POST['password'], time());
setcookie("rememberx", $_POST['remember'], time());
}
}
$sqlLogin = "select * from member_mast where username = '".$user."' and password = '".$pass."' and is_deleted_flg=0 and is_profile=0";
$queryLogin = mysql_query($sqlLogin) or die(mysql_error()." Please check the Query");
$totLogin = mysql_num_rows($queryLogin);
//here checking the user is authorized or not
if($totLogin>0)
{
$rsLogin = mysql_fetch_array($queryLogin);
$_SESSION['uid'] = trim($rsLogin['username']);
$_SESSION['memberid'] = trim($rsLogin['user_id']);
$_SESSION['userType'] = trim($rsLogin['member_role']);
if(isset($_POST["page"]) and trim($_POST["page"])!="")
{
$pageName = trim($_POST["page"]);
$pagepassId = trim($_POST["pageid"]);
$redirect_url = "http://www.fakesite.com/fspv2/welcome.php?page=".$pageName."&pageid=".$pagepassId;
}
else
{
//$redirect_url = "http://www.fakesite.com/fspv2/welcome.php";
//$redirect_url = "welcome.php";
$redirect_url = "welcome.php";
}
//header("Location: ".$redirect_url);
?>
<script>window.location.href="<?php echo $redirect_url; ?>";</script>
<!-- <meta http-equiv="refresh" content="0;url=<?php echo $redirect_url; ?>"> -->
<?php
}
else
{
$displayMessage = "Login failed. If you are authorized, try again";
session_destroy();
$state = "inv";
$_SESSION['username'] = $_POST['username'];
$_SESSION['password'] = $_POST['pass'];
$username = $_SESSION['username'];
$password = $_SESSION['password'];
?>
<script>window.location.href="<?php echo $refLink; ?>";</script>
<?php
}
}
else
{
$state = "inv";
$_SESSION['username'] = $_POST['userid'];
$_SESSION['password'] = $_POST['pass'];
$username = $_SESSION['username'];
$password = $_SESSION['password'];
$displayMessage = $strErrorMessage;
?>
<script>window.location.href="<?php echo $refLink; ?>";</script>
<?php
}
}
//header("Location: ".$refLink);
?>
<!--<script>window.location.href="<?php echo $refLink; ?>";</script>--> <!-- <meta http-equiv="refresh" content="0;url=<?php echo $refLink; ?>"> -->
现在当我连接到这个login.php时,如果用户名/ pw是否有效则无关紧要。我得到的唯一回应就是这个
05-18 17:08:50.160: V/RESPONSE(30797): <!--<script>window.location.href="";</script>--> <!-- <meta http-equiv="refresh" content="0;url="> -->
看起来好像javascript试图重定向我,因为它是移动设备。我可以在那里找到的唯一重定向是将客户端重定向到“welcome.php”,如果他们成功登录就会出现。这里似乎没有移动login.php重定向(我可能错了)它应该注意我没有设计网站或我试图通过我的Android软件访问的任何文件,但我可以访问所有文件。 我的问题是,如果这不是我应该访问的文件/网址,那么是什么,或者如何找到它? 如果您需要查看任何其他代码,请只是问。谢谢!
答案 0 :(得分:0)
检查以下行是否会产生真实条件:
if($totLogin>0)