登录后,我的代码不会将我重定向到下一页。
<?php
$con = mysqli_connect("localhost","myusername","mypassword","mydatabase");
include ("connection.php");
session_start();
if(isset($_POST['login']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$check = "SELECT * FROM admin WHERE username='$username' and password='$password'";
$queryString = mysqli_query($db, $check) or die('ERROR:' . mysqli_error($db));
if (mysqli_num_rows($queryString) > 0)
{
$admin = mysqli_fetch_assoc($queryString);
$_SESSION['username'] = $admin['username'];
session_write_close();
header("location: http://mywebsite.com/home.php");
die();
}
else
{
echo '<div class="popup-position">
<div id="popup-wrapper">
<h3>Invalid user name or password.</h3><br/><a href="login.php">OK</a>
</div>
</div>';
}
}
mysqli_close($con);
这是登录后下一页的身份验证:
<?php
session_start();
if (!isset($_SESSION['username']))
{
header("location: login.php");
exit();
}
答案 0 :(得分:1)
try this
/send user to index. if he is login/
<?php
require_once("inc/ header.inc.php");
if(isset($_SESSION['id']))
{ header("Location: index.php");
exit(); }
<div class="container">
<div class="form-container">
<p class="heading text-center">Login</p>
<form action=" <?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<div class="form-group">
<input type="text" name="username" placeholder="Enter your Username" class="form-control">
</div>
<div class="form-group">
<input type="password" name="password" placeholder="Enter your Password" class="form-control">
</div>
<input type="submit" value="Login" class="btn btn-primary" name="login">
</form>
<?php
//login script
if(isset($_POST['login'])){
$username = trim( htmlspecialchars ($_POST['username']));
$password = trim( htmlspecialchars ($_POST['password']));
//if username or password is empty
if(empty($username) || empty($password)){
echo "<div class='alert alert-danger'>Fill in all the fields</div>";
exit();
}
//check username and password match the db record
$q = mysqli_query($con,"SELECT id FROM `user` WHERE username='$username' AND password='$password'");
if(mysqli_num_rows($q) != 1){
echo "<div class='alert alert-danger'>Invalid username or password</div>";
exit();
}
//fetch the if of the logged in user start the session
$row = mysqli_fetch_assoc($q);
//set the session with logged in user id
$_SESSION['id'] = $row['id'];
$_SESSION['username'] = $username;
header("Location: index.php");
exit();
}
?>
</div>
</div>
答案 1 :(得分:0)
让我帮你登录。
<强>的login.php
<html>
<head>
<title>Hospital Login</title>
<link href="login.css" rel="stylesheet" type="text/css">
</head>
<body>
<form name="form1" method="post" action="process_login.php">
<fieldset class="formDisplay">
<legend><strong>Member Login </strong></legend>
<strong>Username</strong></br></br> <input name="myusername" type="text" id="myusername">
</br></br>
<strong>Password</strong></br></br><input name="mypassword" type="password" id="mypassword">
</br></br>
<input type="submit" name="Submit" value="Login">
</br></br>
<?php
echo $message;
?>
</fieldset>
</form>
</body>
</html>
上面的代码实际上应该是你的登录脚本中的内容,忘记了fieldset的事情,我只是将它用于别的东西:)
现在我们想要一个纯PHP文件来处理登录我们系统的输入。
<强> process_login.php
<?php
include('database_connection.php');
$myusername = mysqli_real_escape_string($DBConn, $_POST['myusername']);
$mypassword = mysqli_real_escape_string($DBConn, $_POST['mypassword']);
$query="SELECT * FROM $doctor_table WHERE username='$myusername' AND passwd='$mypassword'";
$result=mysqli_query($DBConn, $query);
if(!$result){
echo "<p>
There was an error with the query.<br />\n" .
"The error was " .
htmlspecialchars(mysqli_error($DBConn), ENT_QUOTES) .
".<br />\nThe query was '" .
htmlspecialchars($query, ENT_QUOTES ) .
"'</P>\n";
}
else if (!mysqli_num_rows($result)){
$message = "<p>Failed to Log In. Please check your username/password</p>\n";
include 'login.php';
}
else{
$count=mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_start();
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
header("Location: login_success.php");
}
}
?>
现在,当您的身份验证成功时,您应该显示主页面。
请注意,您必须“清理”用户的每个条目,以避免SQL注入(有助于阻止ppl窃取数据库中的数据)
这些完整的代码完美无缺,我建议您使用我提供的代码,并随意调整以供自己使用:)