if(!isset($ _ SESSION ['username'])))导致用户从verify_login_form.php重定向回index.php [英] if(!isset($_SESSION['username'])) causing users to be redirected from verify_login_form.php back to index.php
问题描述
我的网站上有一个登录系统,该系统将用户从index.php转移到verify_login_form.php,然后,如果Email/Username组合与某个帐户匹配,则会将他们带到home.php.我遇到的问题是我有
I have a login system on my website which takes the user from index.php to verify_login_form.php and then, if the Email/Username combination matches an account they are taken to home.php . The problem that I am having is that I have
if(!isset($_SESSION['username'])) {
header('Location: index.php');
}
在home.php上可以避免人们无需登录/注册即可直接输入websitename.com/home.php.问题在于,用户使用他们的电子邮件和密码登录,然后被带到home.php,因此他们不必输入用户名.如何获得具有相同电子邮件地址和密码的帐户的用户名?
on home.php to avoid people from just typing websitename.com/home.php without signing in/signing up. The problem is that, the user logs in with their email and password and is then taken to home.php , So they don't have to enter their username. How could I get the username of an account with the same email and password?
这是index.php
Here is index.php
<!DOCTYPE html>
<?php
session_start();
if(isset($_SESSION['username'])) {
header("Location: home.php");
$_SESSION["success"] = "You are now logged in";
}
?>
<html>
<head>
</head>
<body>
<form action="verify_registration_form.php" method="post">
<br>
<input type="username" id="user_name" name="user_name" placeholder="Username" required>
<br><br><br><br><input type="password" id="user_pass_word" name="user_pass_word" placeholder="Password" required>
<br><br><br><br><input type="email" id="user_email" name="user_email" placeholder="Email" required>
<br><br><br><br><input type="submit" class="submit_registration_form_button" id="submit_registration_form_button" name="submit_registration_form_button" value="Sign Up">
</form>
<form action="verify_login_form.php" method="post">
<input type="username" id="user_email_login" name="user_email_login" placeholder="Email" required>
<input type="password" id="user_pass_word_login" name="user_pass_word_login" placeholder="Password" required>
<input type="submit" class="submit_user_login_form_button" id="submit_user_login_form_button" name="submit_registration_form_button" value="Log In">
</form>
</body>
</html>
这是verify_login_form.php
Here is verify_login_form.php
<!DOCTYPE html>
<?php
session_start();
if($_SERVER['REQUEST_METHOD'] != 'POST') {
header("Location: index.php");
}else{
$connection = mysqli_connect("localhost", "root", "", "websiteusers");
if(!$connection) {
echo "Could not connect to MYSQL database";
}else{
echo "Sucessfully connected to MYSQL database";
$connection = mysqli_connect("localhost", "root", "", "websiteusers");
$useremail = mysqli_real_escape_string($connection,
$_POST["user_email_login"]);
$userpassword = mysqli_real_escape_string($connection,
$_POST["user_pass_word_login"]);
$query = "SELECT * FROM websiteusers WHERE UserEmail='$useremail'";
$results = mysqli_query($connection, $query);
if(mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header("Location: home.php");
}else{
echo "Email/Username combination is incorrect";
}
}
}
?>
<html>
<head>
</head>
<body>
</body>
</html>
这是home.php
Here is home.php
<!DOCTYPE html>
<?php
session_start();
if(!isset($_SESSION['username'])) {
header('Location: index.php');
}
?>
<html>
<head>
</head>
<body>
<?php
echo $_SESSION["success"];
?>
<?php if (isset($_SESSION['username'])) : ?>
<p>Welcome <?php echo $_SESSION['username']; ?>
<br><br>
<form action="logout.php" method="post">
<input type="submit" id="logoutbutton" name="logoutbutton" class="logoutbutton" value="Logout">
</form>
<?php endif ?>
</body>
</html>
推荐答案
您要做的就是为登录创建会话.因此,这就是窍门.每次从索引移到主目录时,都应检查登录会话是否存在.如果没有,请要求用户登录.
All you have to do is create a session for the login. So here is the trick. Each time you move from index to home, you shoulkd check if the login session exists. If not, ask the user to login.
检查用户是否登录
<?PHP
session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header ("Location: login.php");
}
?>
同样,我们首先开始一个PHP会话.接下来的IF语句非常复杂.但是我们正在测试两件事:是否设置了一个名为login的用户会话?这是空字符串吗?
Again, we first start a PHP session. The IF Statement that comes next is quite complex. But we're testing for two things: has a user session called login been set? And is this session a blank string?
!(isset($_SESSION['login']) && $_SESSION['login'] != '')
第一部分是这个:
!(isset($_SESSION['login'])
要检查是否设置了会话,可以使用内置函数isset.我们之前使用的是NOT运算符. (NOT运算符是一个感叹号.)因此,我们说的是如果未设置会话".会话可能已设置,但其中可能有一个"1".我们还需要检查称为login的会话是否为非空白字符串.如果这两种方法均失败,那么我们可以重定向到login.php页面,因为这意味着用户尚未登录.
To check if a session is set you can use the inbuilt function isset. We're using the NOT operator before it. (The NOT operator is an exclamation mark.) So we're saying, "IF the session is NOT set". The session might be set, but may have a "1" in it. We also need to check if the session called login is a NOT blank string. If both of these things fail then we can redirect to the login.php page, as it means that the user is not logged in.
对于站点中的每个页面,如果页面顶部都具有上述脚本,则该页面将在用户未登录时重定向用户.这样,您可以保护页面免受非成员访问.如果他们已经登录,他们将能够查看该页面.
For every page in your site, if you have the above script at the top of your page, it will redirect a user if they are not logged in. That way, you can protect your pages from non-members. If they are logged in, they will be able to view the page.
注销 如果您查看logout.php的代码,则会看到以下内容:
Logging out If you have a look at the code for logout.php you'll see the following:
<?PHP
session_start();
session_destroy();
?>
这是注销用户所需的全部操作:启动会话,然后发出session_destroy命令.您所需要的只是从您网站上任何位置的此页面的链接.链接就像HTML一样是这样的:
This is all you need to log a user out: you start a session, and then issue the session_destroy command. All you need is a link to this page from anywhere on your site. The link would be something like this as your HTML:
<A HREF = logout.php>Log Out</A>
当用户单击此链接时,他们将被带到带有破坏会话的代码的页面.
When the user clicks this link, they will be taken to the page with the code that destroys the session.
这篇关于if(!isset($ _ SESSION ['username'])))导致用户从verify_login_form.php重定向回index.php的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
