XML登錄腳本和會話中的PHP

Question

我有一個XML（mydata.xml）文件存儲賬戶信息如下

<?xml version = "1.0" encoding="Windows-1252" standalone="yes"?> 
<MYData> 
    <login_details> 
     <unique_ref>1-61</unique_ref> 
    <login_name>tomme</login_name> 
     <login>me</login> 
     <password>me</password> 
     <file1>Test</file1> 
     <file2/> 
     <file3/> 
     <file4/> 
    </login_details> 
    <login_details> 
     <unique_ref>1-61</unique_ref> 
    <login_name>tony</login_name> 
     <login>tony</login> 
     <password>tony</password> 
     <file1>Test1</file1> 
     <file2/> 
     <file3/> 
     <file4/> 
    </login_details> 
</MYData> 

我有一個登錄文件進入細節

<html> 
<head> 
<title>Administrator Login Page</title> 
<style type="text/css"> 
@import "style.css"; 
</style> 
</head> 
<body> 
<h1>Administrator Login Page</h1> 
</br></br></br></br></br></br></br> 
<form action="admin_verify.php" method="post"> 
User Name: <input type="text" name="admin_name" /> 
</br></br> 
Password:&nbsp;&nbsp; <input type="password" name="admin_password" /> 
</br></br> 
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
<input type="submit" value="Login"/> 
<input type="reset" value="Reset"/> 
</form> 
</body> 
</html> 

我也有一個admin_verify文件

<?php 
    session_start(); 
    $mydata = simplexml_load_file("xml/mydata.xml"); 

    $login = ""; 
    $password = ""; 
    $loginname = ""; 

    for($i = 0; $i < count($mydata); $i++){ 

     $login = $mydata->login_details[$i]->login; 
     $password = $mydata->login_details[$i]->password; 
     $loginname = $mydata->login_details[$i]->login_name; 


    if(empty($_POST["admin_name"])) 
    { 
     header("Location:login.php"); 
     return false; 
    } 

    if(empty($_POST["admin_password"])) 
    { 
     $this->HandleError("Password is empty!"); 
     return false; 
    } 

     if(($_POST["admin_name"] == $login) && ($_POST["admin_password"] == $password)){ 
      $_SESSION['name'] = "$loginname"; 
      header("Location:admin_panel.php"); 
     } 
    } 

    //as we have exited for loop (and therefore not been directed) we have a invalid login 
    echo "invalid username or password"; 
?> 

問題是與admin_panel中的會話，因爲我試圖從$ loginname回來m XML文件到它通過'tomme'的admin_verify文件，但是admin_panel文件是我丟失的地方我也正在打算在xml文件中傳遞'tomme'的細節以顯示file1的內容關於如何實現的任何想法這一點，如果我硬編碼$登錄名在所有會話頁面的管理，然後它工作正常，但我想動態傳遞的信息 的admin_panel如下

<html> 
<head> 
<title>Administrator Panel</title> 
<style type="text/css"> 
@import "style.css"; 
</style> 
</head> 
<body> 
<h1>Administrator Panel</h1> 
<?php 
session_start(); 
$mydata = simplexml_load_file("xml/mydata.xml"); 

    for ($i=0; $i < count($mydata);++$i) 
    $loginname = $mydata->login_details[$i]->login_name; 

if($_SESSION['name']=="$loginname") 
{ 
echo "Welcome ".$_SESSION['name']; 
echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"; 
echo "<a href='logout.php'>Logout</a>"; 
} 
else 
{ 
header("Location:login.php"); 
} 
echo "&nbsp;&nbsp;&nbsp;"; 

echo "</br></br></br>"; 

?> 
</body> 
</html> 

任何幫助，將appritiated

Answer 1

第一關無論如何，將純文本密碼存儲在任何文件中都不是一個好主意。反正

你可以對simpleXML對象進行json_encode並將其插入到你的會話中，然後將值傳遞給管理面板。

檢查所有3個文件的編輯，希望它有幫助。

登錄：

<?php session_start(); 
//already logged in 
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in']==true){ 
    exit(header("Location: ./admin_panel.php")); 
} 
?> 
<html> 
<head> 
<title>Administrator Login Page</title> 
<style type="text/css"> 
@import "style.css"; 
</style> 
</head> 
<body> 
<h1>Administrator Login Page</h1> 

<?php echo (isset($_SESSION['error'])?'<span style="color:red">'.$_SESSION['error'].'</span>':null);?> 
<div> 
    <form action="admin_verify.php" method="post"> 
     <label for="admin_name">User Name:</label> <input type="text" name="admin_name" /> 
     </br> 
     <label for="admin_password">Password:</label> <input type="password" name="admin_password" /> 
     </br> 
     <input style="margin-left:30px" type="submit" value="Login"/> 
     <input type="reset" value="Reset"/> 
    </form> 
</div> 

</body> 
</html> 
<?php 
//unset error as its only required once 
unset($_SESSION['error']); 
?> 

admin_veryify

<?php 
session_start(); 
$mydata = simplexml_load_file("mydata.xml"); 

$login = ""; 
$password = ""; 
$loginname = ""; 

for($i = 0; $i < count($mydata); $i++){ 

    $login = $mydata->login_details[$i]->login; 
    $password = $mydata->login_details[$i]->password; 
    $loginname = $mydata->login_details[$i]->login_name; 


    if(empty($_POST["admin_name"]) || empty($_POST["admin_password"])) 
    { 
     $_SESSION['error']='Please fill in both username and password'; 
     exit(header("Location:login.php")); 
    } 


    if(($_POST["admin_name"] == $login) && ($_POST["admin_password"] == $password)){ 
     //set logged in 
     $_SESSION['logged_in'] = true; 
     //unset password no need to include that 
     unset($mydata->login_details[$i]->password); 

     //json encode the user stuff from the xml 
     $_SESSION['user_details'] = json_encode($mydata->login_details[$i]); 

     //goto admin 
     exit(header("Location: ./admin_panel.php")); 
    } 
} 

//as we have exited for loop (and therefore not been directed) we have a invalid login 
$_SESSION['error']='Invalid username or password'; 
exit(header("Location:login.php")); 
?> 

管理面板

<?php 
session_start(); 
//logout 
if(isset($_GET['logout'])){unset($_SESSION['logged_in']);session_destroy();} 


//check login 
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in']==true){ 
    //json decode user details from session into an array 
    $user_details = json_decode($_SESSION['user_details'],true); 

    //debug your values 
    echo '<pre>'.print_r($user_details,true).'</pre>'; 
    /* 
    Array 
    (
     [unique_ref] => 1-61 
     [login_name] => tomme 
     [login] => me 
     [file1] => Test 
     [file2] => Array 
      (
      ) 

     [file3] => Array 
      (
      ) 

     [file4] => Array 
      (
      ) 

    ) 
    */ 

    echo '<a href="?logout">logout</a>'; 
}else{ 
    exit(header("Location: ./login.php")); 
} 
?>