-2
所以,我做了一个网站和它的登录系统。有一个登陆页面,一个“新帖子”页面和一个登录页面。我不希望用户在未登录的情况下访问“新文章”页面[已解决],但是,如果他将尝试在没有会话的情况下访问它,它将使用/ login /?将其重定向到登录页面。新的。 当他在地址栏中使用?new登录时,它应该将他重定向到“New post”页面,如果url只是/ login /,它会将他带到登陆页面。 这就是我试图做的代码:需要帮助Php isset()
if($count == 1 && $row['userPass']==$password && isset($_POST["new"])) {
$_SESSION['user'] = $row['userId'];
header('Location:../new');
} else if ($count == 1 && $row['userPass']==$password) {
$_SESSION['user'] = $row['userId'];
header('Location:../');
}
else {
$errMSG = "Incorrect Credentials, Try again...";
}
这就是全码:
<?php
ob_start();
session_start();
require_once 'dbconnect.php';
$error = false;
if(isset($_POST['btn-login'])) {
// prevent sql injections/ clear user invalid inputs
$email = trim($_POST['email']);
$email = strip_tags($email);
$email = htmlspecialchars($email);
$pass = trim($_POST['pass']);
$pass = strip_tags($pass);
$pass = htmlspecialchars($pass);
// prevent sql injections/clear user invalid inputs
if(empty($email)){
$error = true;
$emailError = "Please enter your email address.";
} else if (!filter_var($email,FILTER_VALIDATE_EMAIL)) {
$error = true;
$emailError = "Please enter valid email address.";
}
if(empty($pass)){
$error = true;
$passError = "Please enter your password.";
}
// if there's no error, continue to login
if (!$error) {
$password = hash('sha256', $pass); // password hashing using SHA256
$res=mysql_query("SELECT userId, userName, userPass FROM users WHERE userEmail='$email'");
$row=mysql_fetch_array($res);
$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row
if($count == 1 && $row['userPass']==$password && isset($_POST["new"])) {
$_SESSION['user'] = $row['userId'];
header('Location:../new');
} else if ($count == 1 && $row['userPass']==$password) {
$_SESSION['user'] = $row['userId'];
header('Location:../');
}
else {
$errMSG = "Incorrect Credentials, Try again...";
}
}
}
?>
与此代码会发生什么?我在这里看不到任何关于URL的信息。 – chris85
网址是http://world-sports.000webhostapp.com –
它总是将我重定向到登录页 –