2017-02-22 322 views
-3
  1. Login fails in auth.php. It only accepts 1 user from the database
  2. Redirect to admin.php fails at the line header("Location: admin.php");

File: auth.php, login fails and redirect fails

```php
<?php 
error_reporting(E_ERROR | E_PARSE); 
$settings_dir = "../settings"; 
include "$settings_dir/database.php"; 
$login=mysql_query('SELECT username, password FROM admin '); 
$r=mysql_fetch_array($login); 
$admin = $r['username']; 
$admin_pw = $r['password']; 
session_start(); 
if (isset($_POST['user']) && isset($_POST['pass'])) { 
    $username = $_POST['user']; 
    $password = md5($_POST['pass']); 
    if (($username == $admin) && ($password ==$admin_pw)) { 
     $_SESSION['admin'] = $username; 
     $_SESSION['admin_pw'] = $password; 
    } 
    header("Location: admin.php"); 
    exit(); 
} elseif ((isset($_SESSION['admin']) && isset($_SESSION['admin_pw']) &&$_SESSION['admin'] == $admin && $_SESSION['admin_pw'] == $admin_pw) || (getenv("REMOTE_ADDR")=="")) { 
} else { 
?> 
<html> 
    <head> 
     <title> 
      Admin Login 
     </title> 
     <LINK REL=STYLESHEET HREF="admin.css" TYPE="text/css"> 
    </head> 
    <body> 
     <center> 
      <br> 
      <br> 
      <fieldset style="width:30%;"> 
       <legend><b> 
        Admin Login 
        </b></legend> 
       <form action="auth.php" method="post"> 
        <table> 
         <tr> 
          <td> 
           Username 
          </td> 
          <td> 
           <input type="text" name="user"> 
          </td> 
         </tr> 
         <tr> 
          <td> 
           Password 
          </td> 
          <td> 
           <input type="password" name="pass"> 
          </td> 
         </tr> 
         <tr> 
          <td> 
          </td> 
          <td> 
           <input type="submit" value="Login" id="submit"> 
          </td> 
         </tr> 
        </table> 
       </form> 
      </fieldset> 
     </center> 
    </body> 
</html> 
<?php 
    exit(); 
} 
?> 
```
+0

Please read the [tour](http://stackoverflow.com/tour) and [*How do I ask a good question?*](http://stackoverflow.com/help/how-to-ask) carefully. – Biffen

+1

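First, you should migrate to Mysqli/PDO, because mysql_query is deprecated. Second - are the username and password the only record in the database, third - are they encrypted as MD5? – user3526204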

+1

@user3526204 '*encrypted as MD5*' MD5 is *not* an encryption algorithm. – Biffen

Answer

-1
file: auth.php 
```php
<?php 
error_reporting(E_ERROR | E_PARSE); 


$settings_dir = "../settings"; 
include "$settings_dir/database.php"; 

$login=mysql_query('SELECT username, password FROM admin '); 
$r=mysql_fetch_array($login); 
$admin = $r['username']; 
$admin_pw = $r['password']; 

session_start(); 

if (isset($_POST['user']) && isset($_POST['pass'])) { 

$username = $_POST['user']; 
$password = md5($_POST['pass']); 
if (($username == $admin) && ($password ==$admin_pw)) { 
    $_SESSION['admin'] = $username; 
    $_SESSION['admin_pw'] = $password; 
} 
?> 
<script> 
window.location.href='admin.php'; 
</script> 
<?php 

exit(); 

} elseif ((isset($_SESSION['admin']) && isset($_SESSION['admin_pw']) &&$_SESSION['admin'] == $admin && $_SESSION['admin_pw'] == $admin_pw) || (getenv("REMOTE_ADDR")=="")) { 

} else { 

?> 
<html> 
<head> 
<title>Admin Login</title> 
    <LINK REL=STYLESHEET HREF="admin.css" TYPE="text/css"> 
</head> 

<body> 
<center> 
<br><br> 

<fieldset style="width:30%;"><legend><b>Admin Login</b></legend> 
<form action="auth.php" method="post"> 

<table> 
<tr><td>Username</td><td><input type="text" name="user"></td></tr> 
<tr><td>Password</td><td><input type="password" name="pass"></td></tr> 
<tr><td></td><td><input type="submit" value="Login" id="submit"></td> 
</tr></table> 
</form> 
</fieldset> 
</center> 
</body> 
</html> 
<?php 
exit(); 
} 
?>
```
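
A hardened version of this login check, following the comments' points about PDO and MD5 (an added example, not part of the original question or answer). The in-memory SQLite database, the `password_hash` column, the sample accounts and the helper `verify_admin()` are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: look up the submitted username, so any row in the
// table can log in (the question's query only ever reads the first row).
function verify_admin(PDO $db, string $user, string $pass): ?string
{
    $stmt = $db->prepare('SELECT username, password_hash FROM admin WHERE username = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // password_verify() checks a salted hash created by password_hash().
    if ($row !== false && password_verify($pass, $row['password_hash'])) {
        return $row['username'];
    }
    return null;
}

// Constructed sample data: in-memory SQLite stands in for database.php.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admin (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO admin (username, password_hash) VALUES (?, ?)');
$ins->execute(['alice', password_hash('constructed-pw-1', PASSWORD_DEFAULT)]);
$ins->execute(['bob', password_hash('constructed-pw-2', PASSWORD_DEFAULT)]);

session_start();
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $u = $_POST['user'] ?? '';
    $p = $_POST['pass'] ?? '';
    $user = (is_string($u) && is_string($p)) ? verify_admin($db, $u, $p) : null;
    if ($user !== null) {
        session_regenerate_id(true);  // fresh session ID after login
        $_SESSION['admin'] = $user;   // keep the identity only, never the hash
    }
    // header() fails once output has started; that warning is hidden by
    // error_reporting(E_ERROR | E_PARSE), so log where the output began.
    if (headers_sent($file, $line)) {
        error_log("auth.php: output already started at $file:$line");
    } else {
        header('Location: admin.php');
    }
    exit();
}
if (!isset($_SESSION['admin'])) {
    // Not authenticated: show the login form and stop, as the question does.
    echo '<form action="auth.php" method="post">'
       . '<input type="text" name="user"> <input type="password" name="pass">'
       . '<input type="submit" value="Login"></form>';
    exit();
}
```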