我正在使用登录系统,每当用户尝试访问未授权的页面时 那么他应该在登录页面上返回登录,我该怎么办呢
以下是我的登录脚本
<?php
session_start();
$host="localhost"; // Host name
$db_username="root"; // Mysql username
$db_password=""; // Mysql password
$db_name="designshop"; // Database name
$tbl_name="member"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$db_username", "$db_password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$member_username=$_POST['member_username'];
$password=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$member_username = stripslashes($member_username);
$password = stripslashes($password);
$member_username = mysql_real_escape_string($member_username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM $tbl_name WHERE member_username='$member_username' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['member_username']=$_POST['member_username'];
$_SESSION['password']=$_POST['password'];
header("location:login_success.php");
}
else {
header("location:try_again.html");
}
?>
答案 0 :(得分:1)
您所要做的就是检查$_SESSION['member_username']
的存在(和非空虚)。如果已设置,则表示您的用户已登录,因此无需重新登录。
注意:
username
从数据库中检索password
和username
,并在PHP代码中进行比较:例如,这将允许您存储sha1
密码。答案 1 :(得分:0)
将它放在session_start()
...
if(!empty($_SESSION['member_username'])){header("location: login_success.php");}
像这样...
session_start();
if(!empty($_SESSION['member_username'])){
header("location: login_success.php");}
$host="localhost"; // Host name
$db_username="root"; // Mysql username
$db_password=""; // Mysql password
//REST OF CODE
答案 2 :(得分:0)
使用session_start()
启动代码并检查是否有任何用户尝试访问该页面时设置会话,如果设置了会话,则重定向到该页面,否则重定向到登录页面
您可以使用isset()
进行检查答案 3 :(得分:0)
按照此代码...
<?php session_start();
include('conn.php');
$Name = $_POST['login_id'];
$Pass = $_POST['password'];
$select="select * from admin_login where admin_name='$Name' AND admin_pwd='$Pass'";
$query=mysql_query($select) or die($select);
$rows=mysql_fetch_array($query);
$row=mysql_num_rows($query);
if($row != 0)
{
$_SESSION['admin_name']=$rows['admin_name'];
echo "<script>window.location.href='index.php'</script>";
}else
{
$message = 'Invalid Username Or Password';
echo '<script type="text/javascript">alert("'.$message.'")</script>';
echo "<script>window.location.href='login.php'</script>";
}
?>
将此代码放在每页的顶部
<?php session_start();
if(isset($_SESSION["admin_name"])=='') print('<script>window.location.href="login.php"</script>');