我尝试使用cookie进行登录,但无法使其正常工作,因为我每次都有无限循环,已经在思考如何修复它。
就像这样它会显示一切都很完美,存储cookie并重定向到panel.php,但验证不再有用,我可以进入每个模块,如index.php?do=module
更新会话Cookie 它是用户登录后保存在数据库中的ramdon值,然后将其存储在Cookie中以便每次进行比较。
我在需要时使用$_COOKIE["session"]
查找用户信息,因为每次登录时都会动态更改。
core.php中
if (! defined ( 'SRCP' )) {
die ( "Error" );
}
@include_once (CORE_DIR. '/security/check.loged.php');
// i was trying to set a variable to tell the script to do not check again, so the loop will break, but i just got a blank page.
if (!$conectado='si') {
header("Location: index.php?do=login");
}
//recive and store, i was going to use the $_GET inside the switch, but that loop got me
if (isset($_GET['do'])) {
$do = $_GET['do'];
}
switch ( $do ) {
case "panel" :
include_once CORE_DIR . '/modulos/panel.php';
break;
case "login" :
include_once CORE_DIR . '/modulos/login.php';
break;
default:
include_once CORE_DIR . '/modulos/login.php';
break;
}
check.login.php
if (! defined ( 'SRCP' )) {
die ( "Error" );
}
if (isset($_COOKIE["id_usuario"]) && isset($_COOKIE["session"])){
if ($_COOKIE["id_usuario"]!="" || $_COOKIE["session"]!=""){
$query = " SELECT ID,
password,
salt,
correo,
logueado
FROM usuarios
WHERE cookie = :cookie
";
$query_params = array(
':cookie' => $_COOKIE['session']
);
try{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex){
//echo the error.
}
$row = $stmt->fetch();
$conectado='si';
}
else{
$conectado='no';
}
}
在面板内部,我没有php代码,因为我将它包含在这个index.php文件中。
define ( 'SRCP', true );
define ( 'ROOT_DIR', dirname ( __FILE__ ) );
define ( 'CORE_DIR', ROOT_DIR . '/core' );
require_once ROOT_DIR . '/core/core.php';
编辑: 修复了。不得不在check.loged.php
$row = $stmt->fetch();
if($row['logueado']=='SI'){
$login_ok = true;
}else{
$login_ok = 0;
}
答案 0 :(得分:0)
在core.php
中,这是不对的:
if (!$conectado='si') { // this is setting a value instead of comparing
header("Location: index.php?do=login");
}
Shoud be:
if ($conectado != 'si') { ... }
或
if ($conectado == 'no') { ... }