1. 首頁
  2. 問答
  3. 爲什麼我被重定向到login.php登錄詳細信息是正確的?

爲什麼我被重定向到login.php登錄詳細信息是正確的?

2011-09-18 33 views
-2

我有一個登錄腳本和開放登錄使用正確的登錄信息,我仍然重定向到的login.php但一旦我刪除爲什麼我被重定向到login.php登錄詳細信息是正確的?

<?php 
//Start session 
session_start(); 

//Check whether the session variable SESS_MEMBER_ID is present or not 
if(!isset($_SESSION['login'])){ 
    header("location: login.php"); 
    exit(); 
} 
?>

這是工作,引導到正確的URL,但如果我放回去上面的代碼,它不斷將我重定向到login.php。

這是腳本。請給我一個緊急的幫助。

<?php 

//Start session 
session_start(); 

//Include database connection details 
require_once('config.php'); 

//Array to store validation errors 
$errmsg_arr = array(); 

//Validation error flag 
$errflag = false; 

//Connect to mysql server 
$link = mysql_connect($hostname, $username, $password); 
if(!$link) { 
    die('Failed to connect to server: ' . mysql_error()); 
} 

//Select database 
$db = mysql_select_db($dbname); 
if(!$db) { 
    die("Unable to select database"); 
} 

//Function to sanitize values received from the form. Prevents SQL injection 
function clean($str) { 
    $str = @trim($str); 
    if(get_magic_quotes_gpc()) { 
     $str = stripslashes($str); 
    } 
    return mysql_real_escape_string($str); 
} 

//Sanitize the POST values 
$login = clean($_POST['login']); 
$password = clean($_POST['password']); 

//Input Validations 
if($login == '') { 
    $errmsg_arr[] = 'Login ID missing'; 
    $errflag = true; 
} 
if($password == '') { 
    $errmsg_arr[] = 'Password missing'; 
    $errflag = true; 
} 

//If there are input validations, redirect back to the login form 
if($errflag) { 
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr; 
    session_write_close(); 
    header("location: login.php"); 
    exit(); 
} 

//Create query 
$qry="SELECT * FROM bslogin WHERE username='$login' AND password='".md5($_POST['password'])."'"; 
$result=mysql_query($qry); 

//Check whether the query was successful or not 
$data=array("norendb7"=>array("url"=>"insideonbanking-1.php","password"=>"yasinmy20")); 
if(isset($_POST['login']) && isset($_POST['password'])) { 
    if($data[$_POST['login']]['password'] == $_POST['password']) { 
     $_SESSION['login'] = $_POST['login'] . " " . $_POST['password']; 
     header('Location: ' . $data[$_POST['login']]['url']); 
     exit();   
    } else { 
     //Login failed 
     header("location: login.php"); 
     exit(); 
    } 
} else { 
    die("Query failed"); 
} 
?>

來源

2011-09-18 dagrin

+1

您是否缺少session_start()? –

+0

我沒有在腳本上看到你正在設置$ _SESSION ['用戶名']任何地方!isset($ _ SESSION ['username'])它是真的,因此你被定向到login.php 也許你的意思是檢查!isset($ _ SESSION ['login']) – derp

回答

0

您在第二個代碼塊中缺少session_start()。這可能是你的問題的根源

來源

2011-09-18 20:52:51 genesis

0

這裏的問題是,你從來沒有設置$_SESSION['username']。直到你這樣做,!isset($_SESSION['username'])永遠不會是錯誤的。

來源

2011-09-18 20:56:18

相關問題

 相關問題