0
我目前有與創建一個網頁一旦用戶已經登錄,這只是進入一些問題。頁面才能訪問登錄(PHP)
我已經通過不同的線程看着這裏,但都無濟於事的時候。任何幫助,這將不勝感激。
這裏是我的代碼:
的login.php
<?php
Include('connect.php');
if (isset($_REQUEST['Submit']))
{
if($_REQUEST['user_id']=="" || $_REQUEST['password']=="")
{
echo " Field must be filled";
}
else
{
$sql1= "select * from student where email= '".$_REQUEST['user_id']."' && password ='".$_REQUEST['password']."'";
$result=mysql_query($sql1)
or exit("Sql Error".mysql_error());
$num_rows=mysql_num_rows($result);
if($num_rows>0)
{
session_start($_SESSION['Login']);
Echo "You have logged in successfully";
header("Location: statistics.html");
}
else
{
echo "Wrong username or password.";
}
}
}
?>
<!DOCTYPE html>
<html class="no-js">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>PHP Login Form</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width">
<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/main.css">
</head>
<body>
<div class="container">
<div class="row" style="margin-top:20px">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form name="form_login" method="post" action="login.php" role="form">
<fieldset>
<h2>Please Sign In</h2>
<hr class="colorgraph">
<div class="form-group">
<input name="user_id" type="text" id="user_id" class="form-control input-lg" placeholder="Email Address">
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password">
</div>
<span class="button-checkbox">
<button type="button" class="btn" data-color="info">Remember Me</button><!-- Additional Option -->
<input type="checkbox" name="remember_me" id="remember_me" checked="checked" class="hidden">
<hr class="colorgraph">
<div class="row">
<div class="col-xs-6 col-sm-6 col-md-6">
<input type="submit" name="Submit" value="Login" class="btn btn-lg btn-success btn-block">
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</body>
</html>而且statistics.html(頁面登錄時,只應是可訪問)
<?php
include ("login.php")
\t session_start();
\t if(!isset($_SESSION['Login']))
\t {
\t header("Location:login.php");
\t die();
\t }
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
\t <title>Personal Website</title>
\t <link rel="stylesheet" href="../../CSS/stylesheetmain.css">
\t <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
\t <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
\t </head>
\t \t <body>
\t \t \t <!--Navigation Bar-->
\t \t \t <div class="row">
\t \t \t \t <div class="darkgrey column col-md-8 col-md-offset-2 col-xs-12 col-s-12">
\t \t \t \t \t <nav class="navbar navbar-background-color">
\t \t \t \t \t <div class="container-fluid">
\t \t \t \t \t <div class="navbar-header">
\t \t \t \t \t <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1"><!--Reference: Bootstrap, 2015. getbootstrap.com. [Online] Available at: http://getbootstrap.com/ [Accessed 01 April 2015]-->
\t \t \t \t \t <span class="sr-only">Toggle navigation</span>
\t \t \t \t \t <span class="icon-bar"></span>
\t \t \t \t \t <span class="icon-bar"></span>
\t \t \t \t \t <span class="icon-bar"></span>
\t \t \t \t \t </button>
\t \t \t \t \t <a class="navbar-brand" href="../index.html"></a>
\t \t \t \t \t </div>
\t \t \t \t \t <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
\t \t \t \t \t <ul class="nav navbar-nav navbar-right">
<li class="active"><a href="../index.html">Home</a></li><!--Edits made: Removed active button -->
<li><a href="AboutMe.html">About Me</a></li>
<li><a href="Blog.html">Blog</a></li>
<li><a href="ContactMe.html">Contact Me</a></li>
<li><a href="Login.html">Login</a></li>
</ul>
\t \t \t \t \t </div><!-- /.navbar-collapse -->
\t \t \t \t \t </div><!-- /.container-fluid -->
\t \t \t \t \t </nav>
\t \t \t \t </div>
\t \t \t </div>
\t \t \t <div class="row">
\t \t \t \t <div class="navbarbottom column col-md-8 col-md-offset-2 col-xs-12 col-s-12"></div>
\t \t \t </div>
\t \t \t <!--Page Title-->
\t \t \t <div class="row">
\t \t \t \t <div class="title mediumbluetext col-md-8 col-md-offset-2 col-xs-0 col-s-0">
\t \t \t \t \t <center><h1>Statistics</h1></center>
\t \t \t \t </div>
\t \t \t </div>
\t \t \t <!--Main Body-->
\t \t \t <div class="row">
\t \t \t \t <!--Left Column Spacer-->
\t \t \t \t <div class="maintextleftbackground column col-md-2 col-xs-0 col-s-0">
\t \t \t \t \t <script type="text/javascript" src="//s7.addthis.com/js/300/addthis_widget.js#pubid=ra-52f8f8c0164b330f" async="async"></script>
\t \t \t \t </div>
\t \t \t \t <!--Middle Column-->
\t \t \t \t <div class="maintext80 column col-md-8 col-xs-12 col-s-8 col-s-offset-2"><br>
\t \t \t \t \t <div id="main-chart-container"></div>
\t \t \t \t \t <div id="breakdown-chart-container"></div>
\t \t \t \t \t <div id="embed-api-auth-container"></div>
\t \t \t \t \t <div id="view-selector-container"></div>
\t \t \t \t </div>
\t \t \t \t <!--Right Column Spacer-->
\t \t \t \t <div class="maintextrightbackground column col-md-2 col-xs-0 col-s-0">
\t \t \t \t </div>
\t \t \t </div>
\t \t \t <!--Footer Bar-->
\t \t \t <div class="row">
\t \t \t \t <div class="darkgrey column col-md-8 col-md-offset-2 col-xs-12 col-s-12">
\t \t \t \t \t <nav class="navbar-background-color">
\t \t \t \t \t \t <div class="container-fluid">
\t \t \t <p class="navbar-text navbar-right"><a href="../SiteMap/SiteMap.html" class="navbar-link">SiteMap</a></p>
\t \t \t \t \t \t </div>
\t \t \t \t \t </nav>
\t \t \t \t </div>
\t \t \t </div>
\t <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
\t \t <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
\t \t <script>
\t \t \t (function(w,d,s,g,js,fs){
\t \t \t g=w.gapi||(w.gapi={});g.analytics={q:[],ready:function(f){this.q.push(f);}};
\t \t \t js=d.createElement(s);fs=d.getElementsByTagName(s)[0];
\t \t \t js.src='https://apis.google.com/js/platform.js';
\t \t \t fs.parentNode.insertBefore(js,fs);js.onload=function(){g.load('analytics');};
\t \t \t }(window,document,'script'));
\t \t </script>
</body> \t
</html>無論我嘗試什麼,我似乎都無法讓代碼工作。這些文件也在同一個目錄中。
任何幫助,這將不勝感激。
您的代碼易受SQL注入攻擊。您應該使用[mysqli](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)或[PDO](http://php.net/manual/en/pdo.prepared- statement.php)按照[本文]中描述的準備語句(http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)。 –
''mysql_ *'函數從PHP v5.5開始已棄用,自v7.0開始已被刪除。他們不應該用於新的代碼,應該換成[mysqli](http://php.net/manual/en/book.mysqli.php)或[PDO](http://php.net/manual /en/book.pdo.php)儘可能等效。 –