堆栈内存溢出
  简体   繁体   English

将用户重定向到登录页面

[英]redirect users to the login page

 原文  2010-07-21 15:46:49       php/ authentication

问题描述

I've got the following login script.. 我有以下登录脚本。 

<?php
$name = $_POST["name"];
$password = $_POST["password"];
$query = "SELECT * FROM users WHERE username = '$name'
         AND password = '$password'";
$q=mysql_query($query) or die(mysql_error());
$result = mysql_query($query);
if (mysql_fetch_row($result)) {
  /* access granted */
  session_start();
  header("Cache-control: private");
  $_SESSION["access"] = "granted";
  header("Location: ./menu.php");
  } else
  /* access denied &#8211; redirect back to login */
  header("Location: ./login.html");
  ?>
  mysql_close();
  ?>

But what would I now need to "menu" to redirect users who are not logged in to the login page? 但是,现在我需要“菜单”将未登录的用户重定向到登录页面吗? to prevent direct access? 防止直接访问?

Thanks. 谢谢。

4 个解决方案

解决方案1
 4 已采纳  2010-07-21 15:48:36

in menu.php? 在menu.php中? 

session_start();
if (!isset($_SESSION['access']) || $_SESSION['access'] != "granted") {
  header("Location: ./login.html");
  exit();
}

解决方案2
 2  2010-07-21 15:52:00

You have to put something like this at the top of menu.php: 您必须在menu.php的顶部放置以下内容: 

<?php
    session_start();
    if(!isset($_SESSION['access']) || $_SESSION['access'] != 'granted'){
        header("Location: ./login.html');
    }
?>

And don't forget to sanitize your query input: 并且不要忘记清理您的查询输入: 

$name = mysql_real_escape_string(stripslashes($_POST["name"]));    
$password = mysql_real_escape_string(stripslashes($_POST["password"]));

And don't forget to call session_start(); 并且不要忘了调用session_start(); at the beginning of each script that uses $_SESSION 在每个使用$_SESSION脚本的开头

解决方案3
 1  2010-07-21 15:50:00

Check the value of $_SESSION["access"] on the top of your menu.php. 检查menu.php顶部$_SESSION["access"]的值。 Also, you miss a call to session_start . 另外,您错过了对session_start的呼叫。 It may not be needed if you have session.auto_start enabled, but it's good habit to explicitly call it. 如果启用了session.auto_start,则可能不需要它,但是显式调用它是一个好习惯。

解决方案4
 0  2010-07-21 15:52:31

检查菜单中的$_SESSION["access"]以查看用户是否已登录。顺便说一句,您应该阅读SQL注入并使用转义重写该SQL查询。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 将未登录的用户重定向到登录页面 - Redirect the not logged in users to login page 使用组件登录后,将用户重定向到页面 - Redirect users to the page before after login with component 从登录页面限制或重定向登录的用户 - Restrict or redirect logged in users from login page 重定向未登录用户到自定义登录页面 - Redirect not - logged in users to custom login page WordPress 将非登录用户的页面重定向限制为使用 PHP 登录页面 - WordPress restricted page redirect for non logged users to login page with PHP WordPress - 将登录用户从登录页面重定向到自定义页面 - WordPress - Redirect logged in users from login page to custom page 我要在用户登录后将他们重定向到个人资料页面 - I want to redirect users when they after login, to profile page 登录后尝试将用户重定向到主页 - Attempting to redirect users to home page after wordpress login 登录系统不会将新用户重定向到正确的页面 - Login System won't redirect new users to right page 如何将未登录的用户重定向到 Wordpress 上的登录页面? - How to redirect non logged in users to Login page on Wordpress?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM