1. 首頁
  2. 問答
  3. 重定向如果沒有登錄

重定向如果沒有登錄

2016-03-16 122 views
1

我有一個PHP登錄腳本,我只想要某些頁面被訪問,如果用戶登錄(如果他們不是,他們被重定向到登錄頁面)。重定向如果沒有登錄

我有這其中的login.php啓動會話:

<?php 

session_start(); 
$con = mysqli_connect("localhost","Username","SomeData","Privatestuff"); 
$User = $_SESSION['username']; 

if(isset($_POST['loginsubmit'])) { 

$username = $_POST['username']; 
$password = md5($_POST['password']); 

$username = stripslashes($username); 
$password = stripslashes($password); 

$username = mysqli_real_escape_string($con, $username); 
$password = mysqli_real_escape_string($con, $password); 

$logincheck = "SELECT * FROM `users` WHERE username='$username' and password='$password'"; 
$result = mysqli_query($con, $logincheck); 
$row = mysqli_fetch_array($result, MYSQLI_ASSOC); 
$count = mysqli_num_rows($result); 
if(mysqli_num_rows($result) == 1){ 
$_SESSION['username']=$username; 
header('Location: index.php'); 
die(); 
}else{ 
echo "Username or password is invalid."; 
} 

} 
} 
} 

?>

我有這樣的index.php文件,如果他們不登錄的用戶會被重定向,懸停它不會阻止用戶從訪問的網頁,如果他們不是在

<?php 

session_start(); 
$con = DB INFO 
$User = $_SESSION['username']; 

if(!$User){ 
header('Location: welcome.php'); 
die(); 
} 

?>

記錄可能有人請幫助確定爲什麼用戶仍然可以訪問的index.php如果他們沒有登錄?

來源

2016-03-16 questers help

回答

-1

index.php: -

<?php 
session_start(); 
// $con = DB INFO //not needed 
//$User = $_SESSION['username']; not needed 

if(isset($_SESSION['username'])){ 
    // your complete code will be inside this if 
}else{ 
    header('Location: welcome.php'); 
    die(); 
} 
?>

login.php需要一些增強其評論: -

<?php 
session_start(); 
error_reporting(E_ALL); // check all type of errors 
ini_set('display_errors',1); // display those errors 
$con = mysqli_connect("localhost","Username","SomeData","Privatestuff"); 
$User = $_SESSION['username']; 

if(isset($_POST['username']) && isset($_POST['password'])) { // check with posted values not with submit button values 

$username = $_POST['username']; 
$password = md5($_POST['password']); 

//$username = stripslashes($username); //not needed 
//$password = stripslashes($password); //not needed 

........ rest of your code

來源

2016-03-16 21:15:21

+0

請問如果'$ USER = $ _SESSION [「用戶名」];'需要在頁面的頂部,以及當用戶登錄? –

+0

你可以在任何地方直接使用'$ _SESSION ['username']',但是如果你想使用'$ User = $ _SESSION ['username'];',沒問題 –

+0

@Anant - 請不要讓人投票在評論中回答您的問題,並請停止讓他們在問題的評論中查看您的答案。許多這些評論已被標記和刪除,社區普遍認爲它們是噪音。 –

0

index.php或header.php文件的頂部添加此

<?php 
     // First execute a common code to connect to the database and start the session 
     include ("includes/connect.php"); 

     // At the top of the page check to see whether the user is logged in or not 
     if(empty($_SESSION['users'])) 
     { 
      // If they are not, redirect them to the login page. 
      header("Location: login.php"); 

      // Remember that this die statement is absolutely critical. Without it, 
      // people can view your members-only content without logging in. 
      die("Redirecting to login.php"); 
     } 
    ?>

並添加或完成這一項到您的登錄頁面或login.php

<?php 
session_start(); 
include ('includes/connect.php'); 

$message=""; 
if(!empty($_POST["login"])) { 
    $result = mysqli_query($conn,"SELECT * FROM users WHERE username='" . $_POST["username"] . "' and password = '". $_POST["password"]."'"); 
    $row = mysqli_fetch_array($result); 
    if(is_array($row)) { 
     $_SESSION["users"] = $row['usersid']; 
     $_SESSION['login'] = true; 
     header("Location:index.php"); 
     exit(); 
    } else { 
    $message = "Invalid Username or Password!"; 
    } 
} 
?>

來源

2017-03-31 02:38:46 Ace

相關問題

 相關問題