[英]How to redirect after successful login in PHP?
我正在嘗試編寫此代碼,但是由於某些原因,我無法:
<?php
include 'AS.php';
//csrf protection
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest')
die("Sorry bro!");
$url = parse_url( isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
if( !isset( $url['host']) || ($url['host'] != $_SERVER['SERVER_NAME']))
die("Sorry bro!");
$action = $_POST['action'];
switch ($action) {
case 'checkLogin':
$logged = $login->userLogin($_POST['username'], $_POST['password']);
if($logged === true)
header( "refresh: 5; url=index.php" );
echo 'You\'ll be redirected in about 5 secs. ';
echo 'If not, click <a href="index.php">here</a>.';
break;
由於某種原因header(“ refresh:5; url = index.php”); 不起作用,因為對頁面沒有影響。
如果我只嘗試標題重定向,就可以完成此工作,但是頁面卻不能完全加載,它會加載一些CSS問題,因此我決定使用刷新。
這個想法是,當用戶登錄時,它只是刷新頁面,因此他將位於我腳本的后端區域。
好的,所以我認為我的錯誤不能很好地解釋這種情況:
我有這個腳本,原始代碼是這樣的:
<?php
include 'AS.php';
//csrf protection
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest')
die("Sorry bro!");
$url = parse_url( isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
if( !isset( $url['host']) || ($url['host'] != $_SERVER['SERVER_NAME']))
die("Sorry bro!");
$action = $_POST['action'];
switch ($action) {
case 'checkLogin':
$logged = $login->userLogin($_POST['username'], $_POST['password']);
if($logged === true)
echo "true";
break;
case "registerUser":
$register->register($_POST['user']);
break;
case "addUser":
$registeruser->registeruser($_POST['user']);
break;
case "resetPassword":
$register->resetPassword($_POST['newPass'], $_POST['key']);
break;
case "forgotPassword":
$register->forgotPassword($_POST['email']);
break;
case "logout":
ASSession::destroySession();
break;
case "postComment":
$ASComment = new ASComment();
echo $ASComment->insertComment(ASSession::get("user_id"), $_POST['comment']);
break;
case "updatePassword":
$user = new ASUser(ASSession::get("user_id"));
$user->updatePassword($_POST['oldpass'], $_POST['newpass']);
break;
case "updateDetails":
$user = new ASUser(ASSession::get("user_id"));
$user->updateDetails($_POST['details']);
break;
case "updateEmail":
$user = new ASUser(ASSession::get("user_id"));
$user->updateEmail($_POST['email']);
break;
case "updateUser":
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
//$idusuario = ASSession::get("iduser");
$username = $_POST['userdata']['username'];
$result = $db->select("SELECT * FROM `as_users` WHERE `username` = :u", array( 'u' => $username ));
$user = new ASUser($result[0]['user_id']);
$user->updateUser($_POST['userdata']);
break;
case "updatePass":
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
$idusuario = ASSession::get("iduser");
$result = $db->select("SELECT * FROM `as_users` WHERE `user_id` = :u", array( 'u' => $idusuario ));
$user = new ASUser($result[0]['user_id']);
$user->updatePass($_POST['newpass']);
break;
case "changeRole":
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
$user = new ASUser($_POST['userId']);
echo ucfirst($user->changeRole());
break;
case "deleteUser":
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
$user = new ASUser($_POST['userId']);
$user->deleteUser();
break;
case "getUserDetails":
$user = new ASUser($_POST['userId']);
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
$info = $user->getInfo();
//prepare and output result
$result = $user->getDetails();
$result['email'] = $info['email'];
$result['username'] = $info['username'];
echo json_encode($result);
break;
case "addRole":
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
$res = $db->select("SELECT * FROM `as_user_roles` WHERE `role` = :r", array( 'r' => $_POST['role'] ));
if(count($res) == 0) {
$db->insert("as_user_roles", array("role" => strtolower(strip_tags($_POST['role']))));
$result = array(
"status" => "success",
"roleName" => strip_tags($_POST['role']),
"roleId" => $db->lastInsertId()
);
}
else {
$result = array(
"status" => "error",
"message" => "Role already exists."
);
}
echo json_encode($result);
break;
case "deleteRole":
$loggedUser = new ASUser(ASSession::get("user_id"));
if(!$loggedUser->isAdmin()) exit();
//default user roles can't be deleted
if(in_array($_POST['roleId'], array(1,2,3)) )
exit();
$db->delete("as_user_roles", "role_id = :id", array(
"id" => $_POST['roleId']
));
$db->update("as_users", array( 'user_role' => "1" ), "user_role = :r", array( "r" => $_POST['roleId'] ) );
break;
default:
break;
}
問題是,該腳本是為了與ajax一起使用而制作的,應該使用ajax重新加載頁面,但是不是,我正在子域上運行此腳本,我在主域中也安裝了wordpress,並且Ajax運作良好,但是我不確定為什么不能在此腳本上工作,因此我決定也許在提交登錄表單后重新加載頁面,該問題就可以解決。
問題是,當我提交表單時,它僅顯示:“ true”消息,但是如果我手動重新加載頁面,它不會重新加載頁面,因此它可以正常工作,並且我已經登錄了。這就是整個問題。
在整個編碼方面,我仍然是一個菜鳥,但是我正在努力,如果需要任何其他代碼,為了使內容更清楚,我將嘗試進行。
您可以簡單地使用Location標頭,即:
header('Location: /home.php');
代替:
header( "refresh: 5; url=index.php" );
您確定$ logged的回報是正確的嗎?
if($logged === true)
header( "refresh: 5; url=index.php" );
echo 'You\'ll be redirected in about 5 secs. ';
echo 'If not, click <a href="index.php">here</a>.';
如果不這樣做,它仍然會寫出回顯文本,但標題將無法運行。
確保使用此代碼(使用{}括號)
if($logged === true)
{
header( "refresh: 5; url=index.php" );
echo 'You\'ll be redirected in about 5 secs. ';
echo 'If not, click <a href="index.php">here</a>.';
}
else
{
echo 'Wrong username or password!';
}
感謝所有幫助,最后我找到了這段代碼,它非常有用,登錄驗證也正常工作,這是代碼已更改且可以正常運行:
`<?php
include 'AS.php';
//csrf protection
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest')
die("Sorry bro!");
$url = parse_url( isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
if( !isset( $url['host']) || ($url['host'] != $_SERVER['SERVER_NAME']))
die("Sorry bro!");
$action = $_POST['action'];
switch ($action) {
case 'checkLogin':
$logged = $login->userLogin($_POST['username'], $_POST['password']);
if($logged === true)
echo '<script>parent.window.location.reload(true);</script>';
break;`
這達到了目的:
echo '<script>parent.window.location.reload(true);</script>';
我想知道是否有可能增加此重新加載的延遲,所以我可以在登錄之前輸入一條消息,我也想知道這種方式是否安全。
最好的祝福。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.