0

login.php 表单和 password.php 工作正常,但进入站点的验证不工作

“passwords.php”的代码

<?php 
$USERS["username1"] = "password1"; 
$USERS["username2"] = "password2"; 
$USERS["username3"] = "password3"; 

function check_logged(){ 
     global $_SESSION, $USERS; 
     if (!array_key_exists($_SESSION["logged"],$USERS)) { 
          header("Location: login.php"); 
     }; 
}; 
?>

登录.php

<?php 
session_start(); 
include("passwords.php"); 
if ($_POST["ac"]=="log") { /// do after login form is submitted  
     if ($USERS[$_POST["username"]]==$_POST["password"]) { /// check if submitted 

          $_SESSION["logged"]=$_POST["username"]; 
     } else { 
          echo 'Incorrect username/password. Please, try again.'; 
     }; 
}; 
if (array_key_exists($_SESSION["logged"],$USERS)) { //// check if user is logged or not  
     echo "You are logged in."; //// if user is logged show a message  
} else { //// if not logged show login form 
     echo '<form action="login.php" method="post"><input type="hidden" name="ac" value="log"> '; 
     echo 'Username: <input type="text" name="username" />'; 
     echo 'Password: <input type="password" name="password" />'; 
     echo '<input type="submit" value="Login" />'; 
     echo '</form>'; 
}; 
?>

我不能让这部分工作

页面验证:

<?php 
session_start(); /// initialize session 
include("passwords.php"); 
check_logged(); /// function checks if visitor is logged. 
?>

页面代码在这里

我究竟做错了什么?验证不检查用户是否登录。它只是进入页面。

4

1 回答 1

4

您应该添加退出;在设置重定向标头后,页面的其余部分不会得到处理。

 if (!array_key_exists($_SESSION["logged"],$USERS)) { 
      header("Location: login.php"); 
      exit;
 };

另外,您是否尝试关闭浏览器以清除所有会话数据并查看您是否仍然登录?

于 2012-09-28T14:52:46.993 回答