问题是:如何在第16行中插入变量$ conf_url作为链接的一部分:header('Location:'$ conf_url.'index_back.php');将变量插入标题位置PHP 1
<?php
session_start();
include("conexao.php");
$email = $_POST['email'];
$senha = $_POST['senha'];
$query1 = mysqli_query($con, "SELECT * FROM usuario WHERE email = '$email' AND senha = '$senha'");
$row = $query1->fetch_row();
$_SESSION["iduser"] = $row[0];
$_SESSION["nome"] = $row[2];
$_SESSION["sobrenome"] = $row[3];
$_SESSION["img"] = $row[8];
if($query1->num_rows == 1){
header('Location:' $conf_url.'index_back.php');
//echo "<meta http-equiv='refresh' content='0, url= $conf_url/index_back.php'>";
}else{
$_SESSION['error'] = 'Email e/ou senha invalido(s).';
header('Location: '$conf_url'.'/login.php);
//echo "<meta http-equiv='refresh' content='0, url= $conf_url/login.php'>";
}
?>
config.php
<?php
$conf_url = "http://localhost/production/";
?>
不要用单引号包裹它。或者任何引用。 –
你只是缺少一个'.'连接标记 – RiggsFolly
[Little Bobby](http://bobby-tables.com/)说*** [你的脚本存在SQL注入攻击风险。](http:// stackoverflow *** /了解[准备](http://en.wikipedia.org/wiki/Prepared_statement)对于[MySQLi ](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)。即使[转义字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! [不相信它?](http://stackoverflow.com/q/38297105/1011527) –