登录到php后重定向页面
[英]Redirecting a page after login in php
问题描述
I am new to php and I googled a simple login form with source code in it. 
我是php的新手,我用一个简单的登录表单在google中搜索了源代码。 The code was working but it wont redirect me to home page rather it stay still in login page. 该代码正在运行,但是它不会将我重定向到主页,而是仍然停留在登录页面中。 Here is the code for the authentication that is responsible for redirection if user inputs correct credentials: 如果用户输入正确的凭据,这是负责重定向的身份验证代码:
ob_start();
session_start();
$error='';
if(isset($_POST['submit'])){
if(empty($_POST['username']) || empty($_POST['password'])){
$error="Username or Password is invalid";
}
else{
$username=$_POST['username'];
$password=$_POST['password'];
$cxn=mysql_connect("localhost","root","admin");
$username=stripslashes($username);
$password=stripslashes($password);
$username=mysql_real_escape_string($username);
$password=mysql_real_escape_string($password);
$db=mysql_select_db("hrdb",$cxn);
$query=mysql_query("select * from login where Username='$username' AND
Password='$password'",$cxn);
$rows=mysql_num_rows($query);
if($rows==1){
$_SESSION['log_user']=$username;
echo "test";
header('Location: http://localhost/HRMS/profile.php');
exit;
}else{
$error="Username or password is invalid";
}
mysql_close($cxn);
}
}
ob_end_flush();
3 个解决方案
解决方案1
0 2015-09-01 06:37:06
You can use the header() function to send a new HTTP header, but this must be sent to the browser before any HTML or text (so before the declaration, for example). 您可以使用header()函数发送新的HTTP标头,但是必须在任何HTML或文本之前(例如,在声明之前)将其发送到浏览器。
You may want to include die after the header call: 您可能希望在header调用之后包含die :
header("Location: http://localhost/HRMS/profile.php");
die();
解决方案2
0 2015-09-01 06:42:11
I will suggest you to use mysqli instead of mysql and there are minor changes please check it carefully and test the code it is working fine now. 我建议您使用mysqli代替mysqli,并且有一些小的更改,请仔细检查并测试它现在是否正常运行。
ob_start();
session_start();
$error='';
if(isset($_POST['submit'])){
if(empty($_POST['username']) || empty($_POST['password'])){
$error="Username or Password is invalid";
}
else{
$username=$_POST['username'];
$password= md5($_POST['password']);
$cxn= mysqli_connect("localhost","root","","hrdb");
$username=stripslashes($username);
$password=stripslashes($password);
$username=mysqli_real_escape_string($cxn,$username);;
$password=mysqli_real_escape_string($cxn,$password);;
$query=mysqli_query($cxn,"select * from user_mst_tbl where USER_NAME='".$username."' AND
PASS_WORD='".$password."'");
$rows=mysqli_num_rows($query);
if($rows==1){
$_SESSION['log_user']=$username;
echo "test";
header('Location: http://localhost/HRMS/profile.php');
}else{
$error="Username or password is invalid";
}
mysql_close($cxn);
}
}
ob_end_flush();
解决方案3
0 2015-09-01 07:07:48
You are receiving the error: 您收到错误:
Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead
because you have installed a later version of XAMPP. 因为您已经安装了XAMPP的更高版本。
You need to consider using prepared statement rather than the deprecated mysql_* API. 您需要考虑使用预处理语句,而不是不 mysql_* 使用的 mysql_* API。 You don't need to sanitize each variables before you can use it in your queries, because prepared statement will do it for you. 您无需对每个变量进行清理就可以在查询中使用它们,因为准备好的语句将为您完成它。
And if you are going to use header() function of PHP, make sure that you don't have any output before you call header() . 如果要使用PHP的header()函数,请确保在调用header()之前没有任何输出。
Check also your profile.php , if it has header() call too, which redirects the page back to the login page. 还要检查您的profile.php ,如果它也有header()调用,它将页面重定向回登录页面。
<?php
/* MAKE SURE THAT THERE ARE NO HTML/OUTPUTS ABOVE THIS CODE */
ob_start();
session_start();
$error = "";
/* ESTABLISH CONNECTION */
$con = new mysqli("localhost", "root", "admin", "hrdb");
/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
if(isset($_POST['submit'])){
if(empty($_POST['username']) || empty($_POST['password'])){
$error="Username or Password is invalid";
}
else{
if($stmt = $con->prepare("SELECT Username FROM login WHERE Username = ? AND Password = ?")){ /* CHECK AND PREPARE THE QUERY */
$stmt->bind_param("ss",$_POST["username"],$_POST["password"]); /* BIND THESE VARIABLES TO YOUR PREPARED QUERY; s STANDS FOR STRINGS */
$stmt->execute(); /* EXECUTE THE QUERY */
$rows = $stmt->num_rows; /* GET NUMBER OF ROWS/RESULTS */
if($rows == 1){ /* IF FOUND RESULT */
$stmt->bind_result($username); /* STORE THE RESULT TO THIS VARIABLE */
$stmt->fetch(); /* FETCH THE RESULT */
$_SESSION['log_user'] = $username; /* STORE THE RESULT TO THIS SESSION VARIABLE */
/* header('LOCATION: http://localhost/HRMS/profile.php'); REDIRECT THE PAGE TO profile.php */
?>
<meta http-equiv="refresh" content=".5; URL='profile.php'"/> <!-- REDIRECT TO profile.php IN HALF A SECOND -->
<?php
}
else {
$error="Username or password is invalid";
}
$stmt->close();
} /* END OF PREPARED STATEMENT */
} /* END OF ELSE */
} /* END OF ISSET SUBMIT */
ob_end_flush();
?>
You should also secure the password being stored in your database. 您还应该保护存储在数据库中的密码。 You can use password_hash() for it. 您可以使用password_hash() 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.