错误处理时,PHP重定向到错误的URL(登录) [英] Php Redirects to wrong URL when error hanling (Login)
问题描述
我需要一些帮助来解决此问题. 我目前有一个网站,其数据库附加有myphpadmin/sql.
I need some help to solve this problem. I currently have a website with a database attached with myphpadmin/sql.
我有一个注册站点,当注册字段为空时,该站点会将用户重定向到该URL. ( http://localhost/register.php?signup = empty )
I have a register site that redirects users to this url when the registration fields are empty. (http://localhost/register.php?signup=empty)
我遇到的问题是,当我尝试在登录页面上登录时,我希望在发生错误或空字段时将用户重定向到这两个url. (index.php?login = empty)和(index.php?login = error).但是相反,我被重定向到( http://localhost/register.php?signup = empty ).
the problem i am have is that when i try to login on my login page, i want the user to be redirected to this these two url's when an error or empty fields occures. (index.php?login=empty) and (index.php?login=error). But instead i get redirected to (http://localhost/register.php?signup=empty).
因此,我认为登录页面上的按钮链接到了不是正确的东西??但是我真的无法解决这个问题.因此,我们将不胜感激.
Therefore i think that my buttons on the login page are linked to something that aint right?? But i really cant seeem to solve the problem. So any help would be appreciated.
这是我的代码.
INDEX.php
<?php session_start(); ?>
<!DOCTYPE html <html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="stylesheet.css" />
<title>CSS Login form</title>
</head>
<body>
<div class="login">
<form action="login.php" method="POST">
<input type="text" name="name" placeholder="Username" id="name">
<input type="password" name="password" placeholder="Password" id="password">
<input type="submit" name="submit" value="Sign In">
<input type="button" value="Sign Up" onclick="location.href='register.php';" />
</div>
</body>
</html>
LOGIN.php
<?php session_start();
if (isset($_POST['submit']))
{
include 'dbh.inc.php';
include 'register.php';
$name = mysqli_real_escape_string($conn, $POST['name']);
$password = mysqli_real_escape_string($conn, $POST['password']);
//check inputs
if (empty($name) || empty($password)) {
header("Location: ../index.php?login=empty");
exit();
} else {
$sql = "SELECT * FROM users WHERE user_name='$name'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resulstCheck < 1) {
header("Location: ../index.php?login=error");
exit();
} else {
if ($row = mysqli_fetch_assoc($result)) {
//de-hashing password
$hashedPasswordCheck = password_verify($password, $row['user_password']);
if ($hashedPasswordCheck == false) {
header("Location: ../index.php?login=error");
exit();
} elseif ($hashedPasswordCheck == true) {
//If true log the user in
$_SESSION['u_id'] = $row['user_id'];
$_SESSION['u_name'] = $row['user_name'];
$_SESSION['u_phone'] = $row['user_phone'];
$_SESSION['u_email'] = $row['user_email'];
$_SESSION['u_zip'] = $row['user_zip'];
header("Location: ../index.php?login=success");
exit();
}
}
}
}
} else {
header("Location: ../index.php?login=error");
exit();
}
REGISTER.php
<?php if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$dbServername = "localhost";
$dbUsername = "root";
$dbPassword = "";
$dbName = "loginsystem";
$conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);
$name = mysqli_real_escape_string($conn, $_POST['name']);
$phone = mysqli_real_escape_string($conn, $_POST['phone']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$zip = mysqli_real_escape_string($conn, $_POST['zip']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
if (empty($name) || empty($phone) || empty($email) || empty($zip) || empty($password)) {
header("Location: ../register.php?signup=empty");
exit();
} else {
if (
!preg_match("/[\w\s]+/", $name) || !preg_match("/^(\\+)[0-9]{8,30}$/", $phone) ||
!preg_match("/[^@]+@[^@]+\.[^@]+/", $email) || !preg_match("/^[0-9]{4}$/", $zip) ||
!preg_match("/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9]).{8,}$/", $password)
) {
header("Location: ../register.php?signup=invalid");
exit();
} else {
//Check email
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email");
exit();
} else {
$sql = "SELECT * FROM users WHERE user_id='$user_id'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
header("Location: ../signup.php?signup=usertaken");
exit();
} else {
//Hashing of the Password
$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
//Insert user to database
$sql = "INSERT INTO users (user_name, user_phone, user_email,
user_zip, user_password) VALUES ('$name', '$phone', '$email',
'$zip', '$hashedPwd');";
mysqli_query($conn, $sql);
header("Location: ../signup.php?signup=success");
exit();
}
}
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head></head>
<body>
<form class="this.html" method="POST">
<label for="name" style="color: blue;">name</label>
<br>
<input type="text" name="name" id="name" />
<br>
<label for="password">password</label>
<br>
<input type="password" name="password" id="password" />
<br>
<label for="phone">phone number</label>
<br>
<input type="text" name="phone" id="phone" />
<br>
<label for="email">email adress</label>
<br>
<input type="text" name="email" id="email" />
<br>
<label for="zip">zip code</label>
<br>
<input type="text" name="zip" id="zip" />
<br>
<button type="submit" name="submit">Sign up</button>
</form>
</body>
</html>
推荐答案
在login.php顶部
include 'register.php';
结果是,register.php被执行,它看到丢失的empty($name) || empty($phone)...并重定向到header("Location: ../register.php?signup=empty");
The consequence is, that register.php gets executed, it sees the missing empty($name) || empty($phone)... and redirects to header("Location: ../register.php?signup=empty");
简单的解决方案:删除include 'register.php';
The simple solution: remove that include 'register.php';
这篇关于错误处理时,PHP重定向到错误的URL(登录)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
