我正在创建一个登录脚本,但是无法让用户登录并指向正确的页面。目前,用户提交登录表单,该表单指向“安全”状态。检查会话匹配的页面如下所示,但它似乎一直在踢我。
这是我的代码 -
的login.php
session_start();
include("clientarea/inc/config.php"); //Establishing connection with our database
$error = ""; //Variable for storing our errors.
if(isset($_POST["login"])){
if(empty($_POST["email"]) || empty($_POST["password"])){
$error = "Both fields are required";
} else {
// Define $email and $password
$email = $_POST['email'];
$password = $_POST['password'];
// To protect from MySQL injection
$email = mysqli_real_escape_string($connection, $email);
$password = mysqli_real_escape_string($connection, $password);
//$password = md5($password);
//Check username and password from database
$stmt = "SELECT * FROM users WHERE email='$email' and password='$password'";
$result = mysqli_query($connection, $stmt);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
//If username and password exist in our database then create a session.
if(mysqli_num_rows($result) == 1){
$_SESSION['email'] = $login_user; // Initializing Session
header("location: clientarea/index.php"); // Redirecting To Other Page
} else {
$error = "Incorrect username or password.";
}
}
}
正如您在验证后看到的那样,它会检查是否有用户,然后指向“安全”。页。
这是auth.php
include('inc/config.php');
session_start();
$user_check = $_SESSION['email'];
$sql = mysqli_query($connection, "SELECT email FROM users WHERE email='$user_check' ");
$row = mysqli_fetch_array($sql,MYSQLI_ASSOC);
$login_user = $row['email'];
if(!isset($user_check))
{
header("Location: http://localhost/findpt/index.php");
}
现在,auth.php运行在' secure'的顶端。页面以确保用户已登录,否则重定向到主页。现在,如果我删除了auth.php文件,那么我会直接进入“安全”状态。页面很好,但有了它,它引导我到主页。
如果我回复$ _SESSION ['电子邮件']我什么都没收到?
答案 0 :(得分:0)
如果我正确阅读您的帖子,login.php是一个将其重定向到安全页面auth.php的表单。
通过login.php查看,似乎没有初始化$ login_user。因此,您要将未分配的变量分配给$ _SESSION [' email']。
另外,也许在login.php if语句中创建另一个条件来检查重复登录,只是为了覆盖你的P& amp; Q' S