1
我不知道我的代碼有什麼問題,當沒有成員頁面的日誌時,將我重定向到404錯誤的成員頁面地址,這不是問題,它會將我重定向到登錄頁面,當我登錄時我在成員頁面中寫這個代碼。當我按下登錄按鈕重定向到登錄頁面時,我的代碼有什麼問題?
<?php
session_start();
if(!isset($_SESSION['user_level'])or ($_SESSION['user_level'] != 0)){
header('location: login.php');
exit();
}?>
<!DOCTYPE html>
<html>
<head>
<title>
Admin page
</title>
<style>
table{text-align: center;}
</style>
</head>
<body>
<?php
if($_SESSION['fname']){
echo 'welcome to admin page '. $_SESSION['fname'] . "<br>";
}
?>
<input type="button" value="Log Out" onclick="window.location=' logoutt.php '">
</body>
</html>
登錄頁面代碼
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
$dbcon=mysqli_connect('localhost','mahmud91','password','postaldb')or die('Couldn\'t connect to database'.mysqli_error($dbcon));
if(!empty(trim($_POST['email']))){
$email=mysqli_real_escape_string($dbcon,trim($_POST['email']));
}else{
$email=false;
}
if(!empty(trim($_POST['psword']))){
$psword=mysqli_real_escape_string($dbcon,trim($_POST['psword']));
}else{
$psword=false;
}if($email && $psword){
$query="SELECT fname,user_id,user_level FROM users WHERE (email='$email' AND psword=SHA1('$psword'))";
$result=mysqli_query($dbcon,$query);
if(@mysqli_num_rows($result)==1){
$_SESSION=mysqli_fetch_array($result,MYSQLI_ASSOC);
$_SESSION['user_level']=(int)$_SESSION['user_level'];
$url=($_SESSION['user_level']===1) ? "adminnpage.php" : "memberrpage.php";
header('location: '.$url);
}else{
echo "Sorry no match was found to email or password";
}
}else{
echo" Please try again";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>
Log In
</title>
</head>
<body>
<form action="/newfolder/login.php" method="post">
<p>
<label for="email">Email: </label>
<input type="text" name="email" id="email" >
</p>
<p>
<label for="psword">Password: </label>
<input type="password" name="psword" id="psword">
</p>
<p>
<input type="submit" name="submit" value="Log In">
</p>
<p>
<input type="button" value="Register" onclick="window.location='/newfolder/registerpage.php'">
</p>
</body>
</html>
顯示您的登錄頁面的代碼在登錄頁面的頂部開始會話.. –
我添加的登錄頁面代碼 –
一切看起來不錯只是開始會話..在登錄頁面 –