重定向php页面成功登录
[英]redirect php page success login
问题描述
A very nice person from inhere helped me making a login form with cookies, and it works perfectly fine. 
来自这里的一个很好的人帮助我制作了一个带有Cookie的登录表单,并且效果很好。 So when I login I get redirected to home.php, where I also can logout. 因此,当我登录时,我将重定向到home.php,在此我也可以注销。 But I am not quite sure of something. 但是我不太确定。 If I have a succesfull login, I would like to get redirected to profile.php, and not home.php? 如果我成功登录,我想重定向到profile.php,而不是home.php吗?
Best Regards Julie 最好的问候朱莉
index.php: index.php:
<?php
$error='';
if( !isset( $_SESSION ) ) session_start();
if( !isset( $_SESSION['username'])) include('login.php');
else exit( header('Location: home.php') );
?>
<!doctype html>
<html>
<head>
<meta charset='utf-8'>
<title>PHP Login Form with Session</title>
<link rel='stylesheet' href='style.css' type='text/css' />
</head>
<body>
<h1>PHP Login Form with Session</h1>
<div class='loginBox'>
<h3>Login Form</h3>
<br><br>
<form method='post' action=''>
<label>Username:</label><br>
<input type='text' name='username' placeholder='username' /><br><br>
<label>Password:</label><br>
<input type='password' name='password' placeholder='password' /><br><br>
<input type='submit' name='submit' value='Login' />
</form>
<div class='error'><?php echo $error;?></div>
</div>
</body>
</html>
login.php: login.php:
<?php
/* login.php */
if( !isset( $_SESSION ) ) session_start();
include('dbconfic.inc.php' );
$error = '';
if( $_SERVER['REQUEST_METHOD']=='POST' && isset( $_POST['submit'] ) ) {
if( empty( $_POST['username'] ) || empty( $_POST['password'] ) ){
$error = 'Both fields are required.';
} else {
/*
Use prepared statements - mitigates agsint sql injection.
Use placeholders in the sql which are used by the `bind_param` statement
*/
$sql='SELECT `uid` FROM `users` WHERE `username`=? AND md5( `password` )=? limit 1 ';
$stmt=$db->prepare( $sql );
if( !$stmt ) exit('Failed to prepare sql statement');
/*
md5 is not recommended for password hashing as it is generally considered to be broken
bind the variables to the placeholders & execute the sql
*/
$username=$_POST['username'];
$password=md5( $_POST['password'] );
$stmt->bind_param('ss', $username, $password );
$res=$stmt->execute();
/* bind the result of the query to a variable */
$stmt->bind_result( $login_user );
while( $stmt->fetch() ){
/* go through recordset ( 1 record ) */
$_SESSION['username'] = $login_user;
}
$stmt->close();
$db->close();
if( isset( $_SESSION['username'] ) ) exit( header( 'location: home.php' ) );
else $error='Incorrect username or password.';
}
}
?>
home.php: home.php:
<?php
/* home.php */
if( !isset( $_SESSION ) ) session_start();
if( !isset( $_SESSION['username'] ) ) exit( header('Location: index.php') );
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Home</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<h1 class="hello">Hello, <em><?php echo $_SESSION['username'];?>!</em></h1>
<br><br><br>
<a href="logout.php" style="font-size:18px">Logout?</a>
<a href="test.php">test</a>
</body>
</html>
1 个解决方案
解决方案1
1 已采纳 2016-02-02 21:02:34
Its make only a difference in the file structure else it would be for the client side no problem. 它仅在文件结构上有所不同,否则对于客户端来说没有问题。 Also do that with my index.php (Also my main page and with login the profile page). 也可以使用我的index.php(也是我的主页,并登录个人资料页面)进行操作。
Tip: Don't use md5 encryttion for passwords. 提示:请勿使用md5加密作为密码。 Use the PHP 5.x password hashing libary. 使用PHP 5.x密码哈希库。 MD5 and SHA are today unsafe. MD5和SHA目前不安全。 Passwors_hashing libary is the securest way with hashing passwords Passwors_hashing库是使用哈希密码的最安全方法
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.