错误登录后PHP重定向

时间:2017-08-15 10:34:09

标签: php

所以这个脚本来自我读过的教程,所以我不会理解它的每一部分,因为我是PHP的新手,这不是我的所有代码! (有些是,有些不是)

所以基本上它是一个登录脚本,登录后它会将用户重定向到一个很棒的帐户页面。但是,如果他们输入错误的登录详细信息,它仍会将其重定向到该页面。这显然是不好的,因为它显示用户帐户页面减去通过数据库连接填充到其详细信息的所有位,因为尚未建立。

这是我提交的HTML表单的代码(我已经复制了整个文件,但我相信主要代码位于" //将登录状态存储到会话中的底部&# 34;但我当然错了:

<?php
include 'user.php';
include 'index.php';
$user = new User();
if(isset($_POST['signupSubmit'])){
    //check whether user details are empty
    if(!empty($_POST['first_name']) && !empty($_POST['last_name']) && !empty($_POST['email']) && !empty($_POST['phone']) && !empty($_POST['password']) && !empty($_POST['confirm_password'])){
        //password and confirm password comparison
        if($_POST['password'] !== $_POST['confirm_password']){
            $sessData['status']['type'] = 'error';
            $sessData['status']['msg'] = 'Confirm password must match with the password.'; 
        }else{
            //check whether user exists in the database
            $prevCon['where'] = array('email'=>$_POST['email']);
            $prevCon['return_type'] = 'count';
            $prevUser = $user->getRows($prevCon);
            if($prevUser > 0){
                $sessData['status']['type'] = 'error';
                $sessData['status']['msg'] = 'Email already exists, please use another email.';
            }else{
                //insert user data in the database
                $userData = array(
                    'first_name' => $_POST['first_name'],
                    'last_name' => $_POST['last_name'],
                    'email' => $_POST['email'],
                    'password' => md5($_POST['password']),
                    'phone' => $_POST['phone'],
                    'postcode' => $_POST['postcode'],
                    'travel' => $_POST['travel'],
                    'driver' => $_POST['driver'],
                    'main' => $_POST['main'],
                    'prop' => $_POST['prop'],
                    'hooker' => $_POST['hooker'],
                    'second_row' => $_POST['second_row'],
                    'flanker' => $_POST['flanker'],
                    'eight' => $_POST['eight'],
                    'scrum_half' => $_POST['scrum_half'],
                    'fly_half' => $_POST['fly_half'],
                    'centre' => $_POST['centre'],
                    'winger' => $_POST['winger'],
                    'full_back' => $_POST['full_back'],
                    'available' => $_POST['available'],

                );
                $insert = $user->insert($userData);
                //set status based on data insert
                if($insert){
                    $sessData['status']['type'] = 'success';
                    $sessData['status']['msg'] = 'You have registered successfully, log in with your credentials.';
                }else{
                    $sessData['status']['type'] = 'error';
                    $sessData['status']['msg'] = 'Some problem occurred, please try again.';
                }
            }
        }
    }else{
        $sessData['status']['type'] = 'error';
        $sessData['status']['msg'] = 'All fields are mandatory, please fill all the fields.'; 
    }
    //store signup status into the session
    $_SESSION['sessData'] = $sessData;
    $redirectURL = ($sessData['status']['type'] == 'success')?'index.php':'registration.php';
    //redirect to the home/registration page
    header("Location:".$redirectURL);
}elseif(isset($_POST['loginSubmit'])){
    //check whether login details are empty
    if(!empty($_POST['email']) && !empty($_POST['password'])){
         //get user data from user class
        $conditions['where'] = array(
            'email' => $_POST['email'],
            'password' => md5($_POST['password']),
            'status' => '1'
        );
        $conditions['return_type'] = 'single';
        $userData = $user->getRows($conditions);
        //set user data and status based on login credentials
        if($userData){
            $sessData['userLoggedIn'] = TRUE;
            $sessData['userID'] = $userData['id'];
            $sessData['status']['type'] = 'success';
            $sessData['status']['msg'] = 'Welcome '.$userData['first_name'].'!';
        }else{
            $sessData['status']['type'] = 'error';
            $sessData['status']['msg'] = 'Wrong email or password, please try again.';
        }
    }else{
        $sessData['status']['type'] = 'error';
        $sessData['status']['msg'] = 'Enter email and password.'; 
    }
    //store login status into the session
    $_SESSION['sessData'] = $sessData;
    //redirect to the home page
    header("Location:http://www.example.com/successful_login.php");
}elseif(!empty($_REQUEST['logoutSubmit'])){
    //remove session data
    unset($_SESSION['sessData']);
    session_destroy();
    //store logout status into the ession
    $sessData['status']['type'] = 'success';
    $sessData['status']['msg'] = 'You have logout successfully from your account.';
    $_SESSION['sessData'] = $sessData;
    //redirect to the home page
    header("Location:http://www.example.com");
}else{
    //redirect to the home page
    header("Location:index.php");
}
?>

我尝试过改变:

 $sessData['status']['type'] = 'error';
            $sessData['status']['msg'] = 'Wrong email or password, please try again.';

要:

 $sessData['status']['type'] = 'error';
            $sessData['status']['msg'] = 'Wrong email or password, please try again.';
    header("Location:www.loginpage.com");

但它完全没有区别

1 个答案:

答案 0 :(得分:1)

您需要将header("Location:http://www.example.com/successful_login.php");移到下方:if($userData){所以它看起来像这样:

if($userData){
    $sessData['userLoggedIn'] = TRUE;
    $sessData['userID'] = $userData['id'];
    $sessData['status']['type'] = 'success';
    $sessData['status']['msg'] = 'Welcome '.$userData['first_name'].'!';
    header("Location:http://www.example.com/successful_login.php");
}

你总是被重定向到主页的原因是因为重定向代码需要在一些基本上说(伪代码)的逻辑中:

if(user is logged in){
    redirectToHomePage;
} else {
    showMessage('Incorrect password');
}
相关问题
最新问题