2

在这里诊断问题有点困难,如果我的描述有点模糊,很抱歉。我有一个非常标准的登录系统,并且在大多数情况下都可以正常工作。今天我注意到一个问题,但是当我重新启动浏览器时......它不会让我登录到 admin1.php,除非我先访问 admin2.php 并导航回 admin1.php。

之后一切正常。我可以注销并重新登录就好了。

这是我有的两个文件...

admin1.php

<style>
#form_contain {
    text-align: center;
}

form {
    display: inline-block;
    margin: 100px 0 0 !important;
}

label {
    display: table-cell !important;
    vertical-align: middle;
}

input[type='text'], input[type="password"] {
    float: left;
    display: table-cell !important;
    margin: 0 0 10px;
    height: 25px;
    width: 260px !important;
}
</style>

<?php
session_start();
include "lib/head.php";

function protect($string)
{
 $string = mysql_real_escape_string($string);
 return $string;
} 

$user = $_SESSION['username']; 

if(!$_POST['submit'])
{
    if ($_SESSION['logged'] == true) {
        include_once("admin_main.php");
        }
    else {

?>

<div id="form_contain">
    <form method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
        <label>Username:</label>
        <input type="text" name="username" maxlength="16">
        <br>
        <label>Password:</label>
        <input type="password" name="password" maxlength="16">
        <br>
        <br>
        <br>
        <input type="submit" name="submit" value="Login" class="btn">
    </form>
    <p id="alert"></p>  
</div>


<?php
    }
}
else
{
  $user = protect($_POST['username']);
  $pass = protect($_POST['password']);

if($user && $pass)
{
    $sql="SELECT id,username FROM catalog_users WHERE username='$user' AND password='$pass'";
    $query=mysql_query($sql) or die(mysql_error());

        if(mysql_num_rows($query) == 1)
        {
            $row = mysql_fetch_assoc($query); // mysql_fetch_assoc gets the value for each field in the row
            $_SESSION['id'] = $row['id']; //creates the first session var
            $_SESSION['username'] = $row['username']; // second session var
            $_SESSION['logged'] = true;

            echo '
                <script language="javascript">
                    window.location = "admin1.php";
                </script>";

            ';

        }
        else
       {
            echo '
                <script language="javascript">
                    window.location="admin_wrong.php";    
                </script>
            ';
        }   
}
else
{           
    echo '
        <script language="javascript">
            window.location="admin_wrong.php";    
        </script>
    ';
}
}
?>

admin2.php

<?php
session_start();
include('lib/head.php');


if (isset($_SESSION['logged']) && $_SESSION['logged'] == true) {
    echo "
        This is a secured page, welcome <b>".$_SESSION['username']."</b>
        <br>
        <br>
        <a href='admin1.php'>Back</a>
        <a href='logout.php'>Logout</a>

        ";
    }
else {
    echo "<b>Sorry, you cannot access this page</b>";
}   


?>

更新:<?php session_start()我的代码顶部之前的 CSS导致了问题

4

1 回答 1

5

可能是因为您的登录代码出现您的 html 之后,因此即使脚本在脚本末尾确实让您登录,您似乎也没有登录。

通常,您希望将 PHP 和 HTML 尽可能分开(在不同的文件中),并首先执行所有 PHP 业务逻辑,然后输出所有 HTML。

于 2012-05-01T16:52:10.223 回答