我有一个php文件来处理我网站上的登录/注销。登录工作正常,但当我尝试注销时,我被告知无法在服务器上找到该文件。
此链接调用页面进行注销:
<a href="/logansarchive/admin/do.login?action=out">Sign Out</a>
以下是文件中的代码:
<?php
session_start();
if (isset($action) && $action == "out") {
// Log out
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
session_destroy();
header("Location: /logansarchive/admin/login.php?logged_out=1");
}
else {
$username = $_REQUEST["txt_username"];
$password = $_REQUEST["txt_password"];
$action = $_GET["action"];
$host = "127.0.0.1";
$user = "root";
$pass = "12157114";
try {
$dbh = new PDO("mysql:host=$host;dbname=logansarchive", $user, $pass);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e) {
echo $e->getMessage();
}
// Log in
$hashed_pass = hash("sha512", $password);
$sql = "select count(*) as count, adminid, adminname, DATE_FORMAT(lastlogin, '%W, %M %e, %Y @ %h:%i %p' ) AS lastlogin from admin where adminname = :name and adminpass = :pass";
$result = $dbh->prepare($sql);
$result->bindParam(":name", $username);
$result->bindParam(":pass", $hashed_pass);
$stmt = $result->execute();
$row = $result->fetch();
if ($row["count"] == 1) {
session_start();
$_SESSION["adminid"] = $row["adminid"];
$_SESSION["adminname"] = $row["adminname"];
$_SESSION["lastlogin"] = $row["lastlogin"];
$dbh = null;
header("Location: /logansarchive/admin/index.php");
}
else {
$dbh = null;
header("Location: /logansarchive/admin/login.php?login_attempt=1");
}
};
?>
对此行为的任何解释以及(理想情况下)解决此问题的方法都将非常感激。
答案 0 :(得分:1)
do.login
似乎不是有效的php文件名
为什么不使用login.php
?
答案 1 :(得分:1)
如果它现在正在工作,那是由于服务器配置错误(称为register_globals,对其进行搜索)。不应在第三行设置$ action,只在else语句中设置它。将以下行移到session_start()下面:
$action = $_GET['action'];