[英]Is $_SERVER[HTTP_HOST] the cause of redirect issues?
我啟用了虛榮網址(user.domain.com)。 當會話過期或有人清除cookie時,頁面將被重定向到具有登錄頁面的user.domain.com。 所以,在我使用以下代碼的所有頁面上:
if(!isset($_SESSION['user_name'])) { header("Location: http://$_SERVER[HTTP_HOST]");}
10次中的2次我收到重定向錯誤,指出該頁面重定向次數過多。
這可能是原因嗎? 如果我能做的是以不會導致此類問題的方式重定向。
謝謝。
登錄代碼:
<?php
session_start();
// Process the POST variables
$username = $_SESSION["user_name"];
//$password = $_POST["password"];
// Set up the session variables
$_SESSION["user_name"] = $username;
$ugData = $_REQUEST['sub_name'];
if($_POST){
$_SESSION['user_name']=$_POST["user_name"];
$_SESSION['password']=$_POST["password"];
}
$secret = $info['password'];
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT user_name, password FROM accounts WHERE user_name = '$username' and sub_name='$ugData'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if (@ $info['password'] != $pass)
{
}
else
{
header("Location: home.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['user_name'] | !$_POST['password']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['user_name'] = addslashes($_POST['user_name']);
}
$check = mysql_query("SELECT user_name,password FROM accounts
WHERE user_name = '".$_POST['user_name']."'
and sub_name='".$ugData."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.
<a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['password'] = md5($_POST['password']);
$_POST['password'] = $_POST['password'];
//gives error if the password is wrong
if (@ $_POST['password'] != $info['password']) {
die('Incorrect password, please try again');
}
else
{
// if login is ok then we add a cookie
$_POST['user_name'] = stripslashes($_POST['user_name']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['user_name'], $hour);
setcookie(Key_my_site, $_POST['password'], $hour);
//then redirect them to the members area
header("Location: home.php");
}
}
}
else
{
?>
假設重定向到http://yourserver/
意味着http://yourserver/index.php
,那么你應該改變if to read
if(!isset($_SESSION['user_name']) && $_SERVER['PHP_SELF'] != '/index.php')
{
header("Location: http://$_SERVER[HTTP_HOST]");
}
這將避免無休止的重定向。
header("Location: http://{$_SERVER['HTTP_HOST']}");
這不是問題。
但是,如果您確實在登錄頁面上有該代碼,那么您只需將自己重定向到主頁,因為您將無法登錄。
如果用戶在登錄頁面上,請確保不重定向用戶。
編輯:嘗試header('Location: /');
也許你有一些奇怪的服務器問題,導致$_SERVER['HTTP_HOST']
有時會為空。
嘗試使用die():
if(!isset($_SESSION['user_name'])) { header("Location: http://user.domain.com"); die();}
如果url從用戶更改為用戶首先從db獲取用戶名,並在重定向中使用它。 嘗試類似的東西:
...
$username = $row["username"];
...
並使用它:
if(!isset($_SESSION['user_name'])) { header("Location: http://".$username.".domain.com"); die();}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.