PHP会话重定向页面
[英]Php Session Redirect Page
问题描述
Okay, What I have here is a simple php login session. 
好的,我这里有一个简单的php登录会话。 Sometimes session destroy even I don't destroy the session. 有时会话破坏,即使我不破坏会话。 In my Index.php, there's a link for editing record. 在我的Index.php中,有一个用于编辑记录的链接。 My problem is, if session destroy and I click edit, the page open's in modal or fancybox and shows login.php and after I login it's goes to index.html. 我的问题是,如果会话破坏并单击“编辑”,则该页面将以模式或fancybox的形式打开,并显示login.php,而在我登录后将其转到index.html。 What I need to do is instead of going into index.html, I need to redirect to edit.php with GET value to continue the edit process. 我需要做的是代替进入index.html,而需要重定向到具有GET值的edit.php以继续编辑过程。 Any help? 有什么帮助吗?
Index.php Index.php
<a class="fancybox" href="edit.php?pn='.$row["id"].'"><img src="images/edit.png"></a>
Edit.php 编辑.php
<?php
session_start();
include('connect.php');
$tbl_name="login_admin";
if(! isset($_SESSION['id'])){
header('location:login.php');
exit;
}
$id = $_SESSION['id'];
$sql = $mysqli->query("SELECT * FROM $tbl_name WHERE username='$id'");
$accounts = $sql->fetch_assoc();
$term= $mysqli->real_escape_string($_GET["pn"]);
?>
Login.php Login.php
<?php
require_once('connect2.php');
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
$submit = $_POST['submit'];
if($username && $password){
$sql = sprintf("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");
$result = @mysql_query($sql);
$accounts = @mysql_fetch_array($result);
}
if($accounts){
$_SESSION['id'] = $accounts['username'];
header("location:index.html");
exit;
}elseif($submit){
$msg = 'Invalid Username or Password';
}
?>
1 个解决方案
解决方案1
0 已采纳 2014-09-02 05:53:27
Unfortunately you can't continue the edit process, but you can redirect user to edit page after login. 不幸的是,您无法继续编辑过程,但可以在登录后将用户重定向到编辑页面。
There are more ways how to to it, I will show one of them. 有更多方法可以实现,我将向您展示其中一种。
- before redirecting user to login script, save his original URL to session (another way would be to pass it to login.php as GET parameter - don't forget validation in that way): 在将用户重定向到登录脚本之前,将其原始URL保存到会话中(另一种方法是将其作为GET参数传递给login.php-不要以这种方式忘记验证):
Edit.php: Edit.php:
<?php
session_start();
include('connect.php');
$tbl_name="login_admin";
if(! isset($_SESSION['id'])){
$_SESSION['original_url']=$_SERVER['REQUEST_URI']
header('location:login.php');
exit;
}
// rest of the code.....
- Then redirect user to that page instead of default index.html page 然后将用户重定向到该页面,而不是默认的index.html页面
Login.php: Login.php:
<?php
require_once('connect2.php');
session_start();
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$submit = $_POST['submit'];
// Security note: see I've sanitized $username and $password with mysql_real_escape_string() to avoid SQL injection
if($username && $password){
$sql = sprintf("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");
$result = mysql_query($sql);
$accounts = mysql_fetch_array($result);
}
// when account was found store identity to session
if($accounts){
$_SESSION['id'] = $accounts['username'];
if (isset($_SESSION['original_url']) {
// if user came from internal url, redirect to it and remove it from session
$originalUrl = $_SESSION['original_url'];
unset($_SESSION['original_url']);
header("location:".$originalUrl);
exit;
} else {
// redirect user to default page after login
header("location:index.html");
exit;
}
} elseif($submit){
// login form was sent, but user with given password not found
$msg = 'Invalid Username or Password';
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.