2017-03-16 116 views
0

有了這個劇本,我必須輸入用戶名和密碼才能訪問 受保護的頁面,如果它通過地址欄可能,我才明白,自動登錄 ,我試圖自動登錄的網址

Http://example.org/index.php&myusername&mypassword 

但我無法訪問它可以從地址欄自動登錄。

<?php 
    session_start(); 
    $username = $_POST['username']; 
    $password = $_POST['pw']; 

    if($username == "" or $password == ""){ 
    echo "Non puoi accedere senza Username o password"; 
    }else if($username == "" and $password == ""){ 
    echo "Non puoi accedere senza Username e password"; 
    }else{ 
    // configure your username and password 
    if($username == "test" AND $password == "test"){ 
    echo "Benvenuto $username"; 
    echo "<a href='http://www.example.com'>Vai alla pagina</a>"; 
    }else{ 
    echo "Accesso negato, questo username non esiste"; 
    } 
    } 

function loggeduser($username){ 

} 


?> 
+0

改變'$ _POST'到'$ _REQUEST'和你的網址是通過'http:/ /example.org/index.php?username=test&pw=test' – cmorrissey

回答

0

使用的網址:

http://example.org/index.php?username=myusername&pw=mypassword 

而更新腳本,以

<?php 
    session_start(); 
    $username = $_REQUEST['username']; 
    $password = $_REQUEST['pw']; 

    # continue as before 
+0

我做了上述改動,用$ _REQUEST改變$ _POST,可以使用immetto l'indirizzo http://example.org/index.php&username=myusername&pw=mypassword纔不是 找到該網頁,然後http://example.org/index.php?username=myusername&pw=mypassword,將我帶回登錄頁面 – Mario

+0

對不起,在網址中輸入錯誤。它應該是'http://example.org/index.php?username = myusername&pw = mypassword'。注意?在index.php之後並使用&vars之間的值 – brennan22