-2
所以,我做了一個網站和它的登錄系統。有一個登陸頁面,一個「新帖子」頁面和一個登錄頁面。我不希望用戶在未登錄的情況下訪問「新文章」頁面[已解決],但是,如果他將嘗試在沒有會話的情況下訪問它,它將使用/ login /?將其重定向到登錄頁面。新的。 當他在地址欄中使用?new登錄時,它應該將他重定向到「New post」頁面,如果url只是/ login /,它會將他帶到登陸頁面。 這就是我試圖做的代碼:需要幫助Php isset()
if($count == 1 && $row['userPass']==$password && isset($_POST["new"])) {
$_SESSION['user'] = $row['userId'];
header('Location:../new');
} else if ($count == 1 && $row['userPass']==$password) {
$_SESSION['user'] = $row['userId'];
header('Location:../');
}
else {
$errMSG = "Incorrect Credentials, Try again...";
}
這就是全碼:
<?php
ob_start();
session_start();
require_once 'dbconnect.php';
$error = false;
if(isset($_POST['btn-login'])) {
// prevent sql injections/ clear user invalid inputs
$email = trim($_POST['email']);
$email = strip_tags($email);
$email = htmlspecialchars($email);
$pass = trim($_POST['pass']);
$pass = strip_tags($pass);
$pass = htmlspecialchars($pass);
// prevent sql injections/clear user invalid inputs
if(empty($email)){
$error = true;
$emailError = "Please enter your email address.";
} else if (!filter_var($email,FILTER_VALIDATE_EMAIL)) {
$error = true;
$emailError = "Please enter valid email address.";
}
if(empty($pass)){
$error = true;
$passError = "Please enter your password.";
}
// if there's no error, continue to login
if (!$error) {
$password = hash('sha256', $pass); // password hashing using SHA256
$res=mysql_query("SELECT userId, userName, userPass FROM users WHERE userEmail='$email'");
$row=mysql_fetch_array($res);
$count = mysql_num_rows($res); // if uname/pass correct it returns must be 1 row
if($count == 1 && $row['userPass']==$password && isset($_POST["new"])) {
$_SESSION['user'] = $row['userId'];
header('Location:../new');
} else if ($count == 1 && $row['userPass']==$password) {
$_SESSION['user'] = $row['userId'];
header('Location:../');
}
else {
$errMSG = "Incorrect Credentials, Try again...";
}
}
}
?>
與此代碼會發生什麼?我在這裏看不到任何關於URL的信息。 – chris85
網址是http://world-sports.000webhostapp.com –
它總是將我重定向到登錄頁 –