[英]Is $_SERVER[HTTP_HOST] the cause of redirect issues?
我启用了虚荣网址(user.domain.com)。 当会话过期或有人清除cookie时,页面将被重定向到具有登录页面的user.domain.com。 所以,在我使用以下代码的所有页面上:
if(!isset($_SESSION['user_name'])) { header("Location: http://$_SERVER[HTTP_HOST]");}
10次中的2次我收到重定向错误,指出该页面重定向次数过多。
这可能是原因吗? 如果我能做的是以不会导致此类问题的方式重定向。
谢谢。
登录代码:
<?php
session_start();
// Process the POST variables
$username = $_SESSION["user_name"];
//$password = $_POST["password"];
// Set up the session variables
$_SESSION["user_name"] = $username;
$ugData = $_REQUEST['sub_name'];
if($_POST){
$_SESSION['user_name']=$_POST["user_name"];
$_SESSION['password']=$_POST["password"];
}
$secret = $info['password'];
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT user_name, password FROM accounts WHERE user_name = '$username' and sub_name='$ugData'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if (@ $info['password'] != $pass)
{
}
else
{
header("Location: home.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['user_name'] | !$_POST['password']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['user_name'] = addslashes($_POST['user_name']);
}
$check = mysql_query("SELECT user_name,password FROM accounts
WHERE user_name = '".$_POST['user_name']."'
and sub_name='".$ugData."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.
<a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['password'] = md5($_POST['password']);
$_POST['password'] = $_POST['password'];
//gives error if the password is wrong
if (@ $_POST['password'] != $info['password']) {
die('Incorrect password, please try again');
}
else
{
// if login is ok then we add a cookie
$_POST['user_name'] = stripslashes($_POST['user_name']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['user_name'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
//then redirect them to the members area
header("Location: home.php");
}
}
}
else
{
?>
假设重定向到http://yourserver/
意味着http://yourserver/index.php
,那么你应该改变if to read
if(!isset($_SESSION['user_name']) && $_SERVER['PHP_SELF'] != '/index.php')
{
header("Location: http://$_SERVER[HTTP_HOST]");
}
这将避免无休止的重定向。
header("Location: http://{$_SERVER['HTTP_HOST']}");
这不是问题。
但是,如果您确实在登录页面上有该代码,那么您只需将自己重定向到主页,因为您将无法登录。
如果用户在登录页面上,请确保不重定向用户。
编辑:尝试header('Location: /');
也许你有一些奇怪的服务器问题,导致$_SERVER['HTTP_HOST']
有时会为空。
尝试使用die():
if(!isset($_SESSION['user_name'])) { header("Location: http://user.domain.com"); die();}
如果url从用户更改为用户首先从db获取用户名,并在重定向中使用它。 尝试类似的东西:
...
$username = $row["username"];
...
并使用它:
if(!isset($_SESSION['user_name'])) { header("Location: http://".$username.".domain.com"); die();}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.