1. 首页
  2. 问答
  3. 将变量插入标题位置PHP 1

将变量插入标题位置PHP 1

2016-09-26 67 views
0

问题是:如何在第16行中插入变量$ conf_url作为链接的一部分:header('Location:'$ conf_url.'index_back.php');将变量插入标题位置PHP 1

<?php 
session_start(); 
include("conexao.php"); 

$email = $_POST['email']; 
$senha = $_POST['senha']; 

$query1 = mysqli_query($con, "SELECT * FROM usuario WHERE email = '$email' AND senha = '$senha'"); 
$row = $query1->fetch_row(); 
$_SESSION["iduser"] = $row[0]; 
$_SESSION["nome"] = $row[2]; 
$_SESSION["sobrenome"] = $row[3]; 
$_SESSION["img"] = $row[8]; 

if($query1->num_rows == 1){ 
    header('Location:' $conf_url.'index_back.php'); 
    //echo "<meta http-equiv='refresh' content='0, url= $conf_url/index_back.php'>"; 
}else{ 
    $_SESSION['error'] = 'Email e/ou senha invalido(s).'; 
    header('Location: '$conf_url'.'/login.php); 
    //echo "<meta http-equiv='refresh' content='0, url= $conf_url/login.php'>"; 
} 
?> 

config.php 
<?php 
$conf_url = "http://localhost/production/"; 
?>

来源

2016-09-26 Pedro Rocha

+1

不要用单引号包裹它。或者任何引用。 –

+1

你只是缺少一个'.'连接标记 – RiggsFolly

+1

[Little Bobby](http://bobby-tables.com/)说*** [你的脚本存在SQL注入攻击风险。](http:// stackoverflow *** /了解[准备](http://en.wikipedia.org/wiki/Prepared_statement)对于[MySQLi ](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)。即使[转义字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! [不相信它?](http://stackoverflow.com/q/38297105/1011527) –

回答

0

你可以像这样

header("Location: " .$conf_url. "/login.php");

来源

2016-09-26 12:24:09 Marcin

+3

为什么将一个完全适合的单引号改为双引号,然后在简单变量扩展使用双引号时使用点连接 – RiggsFolly

0

你只是错过了 ''在你的两个header()函数中连接标记,并且也弄乱了字符串文字。

if($query1->num_rows == 1){ 
    header('Location:' . $conf_url . '/index_back.php'); 

}else{ 
    $_SESSION['error'] = 'Email e/ou senha invalido(s).'; 
    header('Location: ' . $conf_url . '/login.php'); 

}

或者在双引号中使用可变扩展。

if($query1->num_rows == 1){ 
    header("Location: $conf_url/index_back.php"); 

}else{ 
    $_SESSION['error'] = 'Email e/ou senha invalido(s).'; 
    header("Location: $conf_url/login.php"); 

}

来源

2016-09-26 12:32:06 RiggsFolly

相关问题

 相关问题