所以我有索引.php有我的默认页面。它在 xampp 上工作正常。所以我将我的整个网站上传到1&1(我的域名/托管服务提供商),当我尝试转到我的域名时,我收到一个空警报,没有消息和一个完全空白的页面。
我将文件名更改为索引.html并且网页加载得很好。所以我知道它一定是带有.php扩展或我的代码的东西。
我还添加了一个名为.htaccess的文件,它只包含:
DirectoryIndex index.php
这是我在索引顶部的 php 代码.php(将敏感的信息替换为 *s):
<?php
//Connect to a database
$host_name = "******.db.1and1.com";
$database = "db****";
$user_name = "dbo******";
$password = "***z.0**";
$connect = mysqli_connect($host_name, $user_name, $password, $database);
// echo("nice job");
//Take the values from the html form and assign them to variables
$ID = $_POST['name'];
$userpassword = $_POST['password'];
//If no passsowrd entered then go straight to index.php
echo "<script type='text/javascript'>alert($userpassword);</script>";
if ($userpassword == null) {
header("Location: http://localhost:82/index3.php");
die();
}
//Check to see if the password matches the hashes
if (md5($userpassword) === '******************'
or md5($userpassword) === '***********'
or md5($userpassword) === '****************'
or md5($userpassword) === '**************')
{
//Add the visitor name to our list
mysqli_query($connect, "INSERT INTO `WebsiteVisitors` (`Name`) VALUES ('$ID')") or die("Error in INSERT: ".mysqli_error($connect));
// echo "You have entered the correct password, congrats.";
// Start the session so they can access other pages
session_start();
$_SESSION['loggedIn'] = true;
// Redirect them to rest of site
header("Location: http://localhost:82/home.php");
die();
}
else {
header("Refresh: 0; url=index2.php");
echo "<script type='text/javascript'>alert('"Wrong Password. Check your invitation card.'");</script>";
}
?>
由于$_POST
请求仅在您的情况下提交表单后才出现,因此您只需在存在$_POST["name"]
和$_POST["password"]
时才执行用户名和密码检查。
和操作变量之前给出一个 if 语句if(isset($_POST['name']) && isset($_POST['password']))
$_POST
。此外,session_start()
应该在脚本的顶部给出。
以下是您的完整代码,包括检查
<?php
session_start();
// session start should be at top of your script
error_reporting(E_ERROR); // reports only errors
//Connect to a database
$host_name = "******.db.1and1.com";
$database = "db****";
$user_name = "dbo******";
$password = "***z.0**";
$connect = mysqli_connect($host_name, $user_name, $password, $database);
// $_POST request comes only when form is submitted in your case. So check for $_POST['name'] and $_POST['password']
if(isset($_POST['name']) && isset($_POST['password']))
{
$ID = $_POST['name'];
$userpassword = $_POST['password'];
//If no passsowrd entered then go straight to index.php
if ($userpassword == null)
{
echo "<script type='text/javascript'>alert("Empty Password");</script>";
header("Location: http://localhost:82/index3.php");
die();
}
//Check to see if the password matches the hashes
if (md5($userpassword) === '******************'
or md5($userpassword) === '***********'
or md5($userpassword) === '****************'
or md5($userpassword) === '**************')
{
//Add the visitor name to our list
mysqli_query($connect, "INSERT INTO `WebsiteVisitors` (`Name`) VALUES ('$ID')") or die("Error in INSERT: ".mysqli_error($connect));
$_SESSION['loggedIn'] = true;
// Redirect them to rest of site
header("Location: http://localhost:82/home.php");
die();
}
else
{
echo "<script type='text/javascript'>alert('"Wrong Password. Check your invitation card.'");</script>";
header("Refresh: 0; url=index2.php");
}
}
?>