堆栈内存溢出
  简体   繁体   English

(PHP)登录只被重定向到一页

[英](PHP)Login Only Gets Redirected To 1 Page

 原文  2022-01-10 10:24:46       php/ html/ web

问题描述

My admin page is The only one being accessed for both.我的管理页面是两者都可以访问的唯一页面。

my Code: <?php我的代码:<?php

  if ($_SERVER[ 'REQUEST_METHOD' ] == 'POST')
  {
  $usernane = $_POST['username'];
  $password = sha1($_POST['password' ]);
  $stmt = $conn->prepare("SELECT * FROM users WHERE username = ? AND password = ? LIMIT 1");
  $stmt->execute(array($usernane, $password));
  $checkuser = $stmt->rowCount();
  $user = $stmt->fetch();

When Ever I log into my User page it gets redirected to the Admin Page.当我登录到我的用户页面时,它会被重定向到管理页面。

When I try to adjust the code most of the time only 1 page works.当我大部分时间尝试调整代码时,只有 1 页有效。

Any help will be appreciated!任何帮助将不胜感激!

  if ($checkuser === 0)
  {
  $_SESSION[ 'user' ] = $user['username'];
  $_SESSION[ 'type'] = $user['type'];
  header('location:User.php');

  }if ($checkuser === 1)
  {
  $_SESSION[ 'user' ] = $user['username'];
  $_SESSION[ 'type'] = $user['type'];
  header('location:Admin.php');

  }
  }
  ?>

2 个解决方案

解决方案1
 1  2022-01-10 10:40:07

I hope this will help you:我希望这能帮到您:

  1. Rearrange your user table:重新排列您的用户表:
    USER:
      -> id (int)
      -> username (string)
      -> password (string)
      -> isAdmin (bool)
  1. fire your Request:触发您的请求:
    $usernane = $_POST['username'];
    $password = sha1($_POST['password' ]);
    $stmt = $conn->prepare("SELECT * FROM users WHERE username = ? AND password = ? LIMIT 1");
    $stmt->execute(array($usernane, $password));
  1. check the result检查结果
    if($stmt->rowCount() > 0) {
      $user = $stmt->fetch();
      if($user['isAdmin'])
      {
        $target = 'Admin.php';
      } else {
        $target = 'User.php';
      }
      header(sprintf('location:%s', $target));
      
    } else {
      // no user found with this credentials
    }

Be careful, I have not tested the code.小心,我没有测试过代码。

Next you have todo: never save clear passwords to the database.接下来你必须做的:永远不要将明确的密码保存到数据库中。 Take a look on the password tools of php and use that.查看 php 的密码工具并使用它。

https://www.php.net/manual/de/function.password-hash.php https://www.php.net/manual/de/function.password-hash.php

解决方案2
 0 已采纳  2022-01-10 10:36:09

In the second part of your code you are checking whether the user exists or not, if you want to seperate admins from normal users, you need to check the usertype instead of row count:在代码的第二部分中,您正在检查用户是否存在,如果要将管理员与普通用户分开,则需要检查用户类型而不是行数:

/*----- Check User Exists? ------*/
    if ($checkuser === 0){
        // This area will execute when user not exists.
    }else if($checkuser === 1){ // I suggest to add 'else' in here 

        /*----- Get user Data ------*/
            $_SESSION[ 'user' ] = $user['username'];
            $_SESSION[ 'type'] = $user['type'];

    /*----- Check Privilage In here ------*/
        if($user['type'] == 1){ // If your admin type == 1 then use it else change '1' in here
            header('location:Admin.php');
        }else{
            header('location:User.php');
        }

    }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP:页面未重定向回登录页面 - PHP: Page not redirected back to the login page PHP页面在没有执行其余脚本的情况下被重定向 - PHP page gets redirected without the execution of the rest of the script 只允许查看从 example.com/login 重定向的页面 - Only allow to view a page that is redirected from example.com/login 无法重定向到 PHP 中的另一个页面(登录功能) - Can't redirected to another page in PHP (Login function) 页面没有被重定向到PHP - Page not getting redirected php 仅当用户从某个页面重定向时才允许调用PHP吗? - Only allow call of PHP when user is redirected from a certain page? 防止直接访问 php 页面,只有在重定向时才能访问 - preventing direct access to a php page, only access if redirected PHP将数据发送到重定向页面 - PHP sending data to the redirected page 获取重定向页面的URL-PHP - Getting the URL of redirected page - PHP PHP中重定向页面中的授权控制 - Authorization control in redirected page in php
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM