将用户名添加到个人资料网址

时间:2017-07-22 17:14:20

标签: php mysql session url get

远远地搜索了互联网,感觉我越来越近了。 我想通过我的网站在profile.php页面添加用户名。

目前,以下网址(http://www.example.com/profile.php)会显示必要的个人资料,但前提是您已登录。要访问其他会员资料,我需要知道他们的登录信息。

但是,我希望profile.php页面对特定用户来说是唯一的。例如,http://www.example.com/profile.php?user=CoolDude

我已经包含以下PHP来获取带有用户名的所需URL,除了错误" ERR_TOO_MANY_REDIRECTS"出现而非个人资料

<?php

session_start();
    require_once "includes/define.php";
    $user_row = null;

$user = (isset($_GET['username'])) ? $_GET['username'] : $_SESSION['username'];
$query = "SELECT * FROM users WHERE username = $user";

$res = mysqli_real_escape_string("SELECT * FROM users WHERE user=".$_SESSION['username']);
$userRow = mysqli_fetch_array($res);
$user = $_GET['username'];

header("Location:athleteprofile.php?user=" . $_SESSION['username']);


if (!isset($_SESSION['username'] )) {
    header("Location: login.php"); //login in AdminLogin.php
}

?>

不确定我的重定向错误在哪里?

2 个答案:

答案 0 :(得分:2)

试试这个(脚本应该在athleteprofile.php中):

<?php
session_start();
require_once "includes/define.php";
$user_row = null;

if (!ISSET($_SESSION['username'] )) {
    header("Location: login.php"); //login in AdminLogin.php
}
if (EMPTY($_GET['user'])) {
    header("Location:athleteprofile.php?user=" . $_SESSION['username']);    
}

$user = $_GET['username'];
$query = "SELECT * FROM users WHERE username = '".$user."'";
$res = mysqli_query($conn, $query);
$userRow = mysqli_fetch_array($res);
$username = $userRow['user'];
?>

无论是否设置了$ _GET [&#39;用户名&#39;],您的脚本将始终重定向。

请清理您的$ _GET [&#39;用户名&#39;]甚至更好,请使用预先准备好的声明

答案 1 :(得分:0)

  

简单您必须使用If条件: 

<?php

    session_start();
    require_once "includes/define.php";
    $user_row = null;

$user = (isset($_GET['username'])) ? $_GET['username'] : $_SESSION['username'];
$query = "SELECT * FROM users WHERE username = $user";

$res = mysqli_real_escape_string("SELECT * FROM users WHERE user=".$_SESSION['username']);
$userRow = mysqli_fetch_array($res);
$user = $_GET['username'];

if(isset($_SESSION['username'])){

header("Location:athleteprofile.php?user=". $_SESSION['username']);
}
elseif(isset($_GET['username']) && $_GET['username'] !== null) {
    header("Location: login.php"); //login in AdminLogin.php
}

?>
相关问题
最新问题