第一:代码!
loginform.html
<form action="" method="post" id="loginform">
<h3>Login</h3>
<input type="text" name="username" placeholder="Username">
<br>
<br>
<input type="password" name="password" placeholder="Password">
<br>
<input type="submit" name="logsubmit" value="Login" class="registerbutton">
</form>
login.php
<?php
require_once("../resources/config.php");
require_once("../resources/library/dbconnect.php");
function checkUser($con) {
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$pw = md5($_POST['password']);
$sql="SELECT * FROM `users` WHERE username='$username' and pw='$pw'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_assoc($result);
if ($result==true && $username == $row["username"] && $pw==$row["pw"]) {
$_SESSION["logged_in"] = 1;
$_SESSION["admin"] = $row["admin"];
$_SESSION["username"] = $row["username"];
}
else {
$msg = "Das war nichts! Passwort oder Username falsch? <br>".mysqli_error($con);
unset($_SESSION["logged_in"]);
}
}
}
checkUser($connection);
header('location: ../public_html/index.php');
exit;
?>
index.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Barstone</title>
<link rel="stylesheet" href="css/default.php" type="text/css">
<link href='http://fonts.googleapis.com/css?family=Bitter:700&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
</head>
<body>
<?php require_once("../resources/config.php");
require_once("../resources/library/header_nav.php");?>
<div class="pagewrapper">
<div class="register-container">
<?php if(!isset($_SESSION['logged_in']) || !isset($_POST['regsubmit']))
{require_once("../resources/library/registerform.php");}
if (isset($_POST['regsubmit']) && $_SESSION['register_check']==true) {printf("Success! Welcome %s!",$_POST['username']);}
?>
</div>
<div class="login-container">
<?php if (isset($_SESSION['logged_in'])) { printf ("<form action='../resources/library/logout.php' method='post' id='loginform'><h3> Hello %s! </h3> Nice to see you!<input type='submit' class='logoutbutton' value='logout'> </form>",$_SESSION["username"]);
}?>
<?php if (isset($_POST["logsubmit"])) {require_once("../resources/library/login.php");
}
else { if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");}}
?>
</div>
<div class="content">
<?php require_once("../resources/library/articles.php");?>
</div>
</div>
</body>
</html>
relevant index.php part
{printf ("<form action='../resources/library/logout.php' method='post' id='loginform'>
<h3> Hello %s!</h3> Nice to see you!
<input type='submit' class='logoutbutton' value='logout'>
</form>",$_SESSION["username"]);}
?>
<?php if (isset($_POST["logsubmit"])) {require_once("../resources/library/login.php");}
else {if (!isset($_SESSION['username']))
{require_once("../resources/library/loginform.html");}
}?>
</div>
这应该做什么:
如果用户未登录,显示loginform.html
。如果登录按钮被按下,使用login.php
来登录用户。
当用户使用登录表单登录网站后,它会显示一个小的欢迎信息和一个用于注销的新按钮。
显示登录表单工作正常。
有人登录后,无显示。但是在重新加载页面后,按钮在那里并且工作正常
$_SESSION['logged_in']
变量是在登录时设置的,但是为什么页面需要重新加载才能正确解释该语句呢?
我承认我这样做不一定是"最佳实践",我愿意接受任何建议。仍然在学习。:)
测试:http://hsturnierv2.pixelpioniere.net/public_html/index.php登录为"test"与pw"test"
你在做什么?
<?php if (isset($_SESSION['logged_in']))
// output something
?>
<?php
if (isset($_POST["logsubmit"])) {
// process login with login.php
} else {
if (!isset($_SESSION['username'])) {
//display login form
}
?>
好吧,这里发生了什么…
用户第一次访问网站。(未登录且未提交登录表单)
$_SESSION['logged_in']未设置并且//输出未到达的内容
$_POST['logsubmit']未设置,$_SESSION ['username']未设置所以登录表单显示为
用户提交Loginform$_SESSION['logged_in']未设置并且//输出未到达的内容
$_POST['logsubmit']设置并调用login.php如果login.php中没有输出,页面将保持空白。我假设你在login.php
中设置了会话变量用户登录后重新加载页面$_SESSION['logged_in']现在设置->你到达//输出一些
我个人会在一个单独的文件中处理登录:
<?php
if(!isset($_SESSION['logged_in'])) {
// redirect to login.php
}
?>
// here comes the content when user is logged in
在login: <?php
if(isset($_POST['logsubmit']) {
// handle login and redirect to page that needs login if successfull
}
if($loginError) { // print login errors }
// print login form
?>
编辑:不要忘记session_start()(在包含的文件中session_start()是不必要的)
问题很可能是你有
header('location: ../public_html/index.php');
代替:
header('Location: ../public_html/index.php');
login。它应该有一个大写字母l,但它没有,你不会得到重定向,因此空白页…
更新
所以你重定向,但你的脚本死于某种原因。这不是一个逻辑错误,而是一个致命的脚本错误,杀死你的脚本之前,它可以输出更多的东西…你的代码是:
<?php if (isset($_SESSION['logged_in']))
{
printf ("<form action='../resources/library/logout.php' method='post' id='loginform'>
<h3> Hello %s!</h3> Nice to see you!
<input type='submit' class='logoutbutton' value='logout'>
</form>",$_SESSION["username"]);
}
?>
<?php if (isset($_POST["logsubmit"]))
{
require_once("../resources/library/login.php");
}else
{
if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");
}
}
?>
所以我明白了。当有人实际登录index.php时,需要一个login.php,完成后会发送一个重定位头并退出。但是输出已经开始了!你已经漏了半页了!因此,头发出一个错误(可能由于php.ini设置而不显示),然后退出。因此你得到了半页。
你应该把你的index.php代码改成:
<?php
session_start();
if (isset($_POST["logsubmit"]))
{
require_once("../resources/library/login.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Barstone</title>
<link rel="stylesheet" href="css/default.php" type="text/css">
<link href='http://fonts.googleapis.com/css?family=Bitter:700&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
</head>
<body>
<?php require_once("../resources/config.php");
require_once("../resources/library/header_nav.php");?>
<div class="pagewrapper">
<div class="register-container">
<?php if(!isset($_SESSION['logged_in']) || !isset($_POST['regsubmit']))
{
if (isset($msg)) echo $msg .'<br>';
require_once("../resources/library/registerform.php");}
if (isset($_POST['regsubmit']) && $_SESSION['register_check']==true) {printf("Success! Welcome %s!",$_POST['username']);}
?>
</div>
<div class="login-container">
<?php if (isset($_SESSION['logged_in'])) { printf ("<form action='../resources/library/logout.php' method='post' id='loginform'><h3> Hello %s! </h3> Nice to see you!<input type='submit' class='logoutbutton' value='logout'> </form>",$_SESSION["username"]);
}else { if (!isset($_SESSION['username'])) {require_once("../resources/library/loginform.html");}}
?>
</div>
<div class="content">
<?php require_once("../resources/library/articles.php");?>
</div>
</div>
</body>
</html>
这可以防止在header之前输出,并且如果您输入错误的凭据也会显示错误。然后,您还应该更改您的login.php文件,以便它不会每次都重定向,而只在登录成功时重定向,如下所示:
<?php
require_once("../resources/config.php");
require_once("../resources/library/dbconnect.php");
function checkUser($con) {
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$pw = md5($_POST['password']);
$sql="SELECT * FROM `users` WHERE username='$username' and pw='$pw'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_assoc($result);
if ($result==true && $username == $row["username"] && $pw==$row["pw"]) {
$_SESSION["logged_in"] = 1;
$_SESSION["admin"] = $row["admin"];
$_SESSION["username"] = $row["username"];
$msg='OK';
}
else {
$msg = "Das war nichts! Passwort oder Username falsch? <br>".mysqli_error($con);
unset($_SESSION["logged_in"]);
}
}
return $msg
}
$result = checkUser($connection);
if ($msg=='OK')
{
header('location: ../public_html/index.php');
exit;
}
?>