我正在尝试使用一个会话来识别用户是否已登录。人们不能再使用url来登录,而是将他们重定向到mainlogin.html
,尽管现在如果我输入正确的登录详细信息,我将被重定向回,mainlogin.html
并且如果输入错误的细节会通知我。我希望这不是重复的。我在表格中四处张望,尝试了其他人的方法,但这些方法对我没有用。
checklogin.php
<?php
session_start();
ob_start();
$host="foo"; // Host name
$username="bar"; // Mysql username
$password=""; // Mysql password
$db_name="foo";// Database name
$tbl_name="bar"; // Table name
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$mypassword= sha1($mypassword);
$myusername = stripslashes($myusername);
$mypassword = stripslashes ($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE myusername='$myusername' and mypassword='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1) {
$_SESSION['myusername'] = $$myusername;
$_SESSION['mypassword'] = $$mypassword;
header("location:login_success.php");
}
else {
//header('Location: ../mainlogin.html');
echo "Wrong Username or Password";
}
?><? ob_flush(); ?>
login_success.php
<?php
session_start();
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['myusername'])) {
header('Location: ../mainlogin.html');
}
exit;
?>
美元符号过多?
$_SESSION['myusername'] = $$myusername;$_SESSION['mypassword'] = $$mypassword; ...
应该是
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
..ops ..在会话中存储密码不是一个好主意..最好像本教程所述
session_register("myusername");
session_register("mypassword");
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句