1

我有以下名为 admin 的控制器

class Admin extends CI_Controller {

    public function __construct() {
        parent::__construct();
        $this->load->model('admin_model');
    }

    public function index()
    {
        $this->load->library('session');
        $this->load->database();
        if (!$this->session->userdata('user_id') || !$this->session->userdata('user_name'))
        {
            header("Location: /admin/login");
        }
        else
        {
            $user_id = $this->session->userdata('user_id');
            $user_name = $this->session->userdata('user_name');
            if (!$this->admin_model->verify($user_id, $user_name))
                header("Location: /admin/login");
        }
        $this->load->view('templates/header');
        $this->load->view('admin/index');
        $this->load->view('templates/footer');
    }
    public function login()
    {
        $this->load->view('templates/header');
        $this->load->helper('form');
        $this->load->library('form_validation');
        $this->form_validation->set_rules('username', 'Username', 'required');
        $this->form_validation->set_rules('password', 'Password', 'required');
        if ($this->form_validation->run() == FALSE)
        {
            $data['run'] = false;
        }
        else if (!$this->admin_model->loginverify($this->input->post('username'), 
                 $this->input->post('password')))
        {
            $data['run'] = false;
        }
        else
        {
            $data['run'] = true;
        }
        $this->load->view('admin/login', $data);
        $this->load->view('templates/footer');
    }
}

我有以下模型,称为 Admin_model

class Admin_model extends CI_Model
{
    public function __construct() {
        parent::__construct();
        $this->load->database();
    }
    public function verify($id, $name)
    {
        if (!is_numeric($id))
            return false;
        else
        {
            $query = $this->db->get_where('users', array('id'=>$id, 'username'=>$name), 1);
            if ($query->result()->num_rows() === 0)
                return false;
            else
                return true;
        }
    }
    public function loginverify($name, $pass)
    {
        $pass = md5($pass);
        //$query = $this->db->get_where('users', array('username'=>$name, 'passwd'=>$pass), 1);
        $query = $this->db->query("SELECT * FROM users WHERE username='$name' AND passwd='$pass' LIMIT 1");
        if ($query->result()->num_rows() === 0)
            return false;
        else
            return true;
    }
}

我的表格如下:

<?php  if (!$run) 
{
?>
<form method="post" action="/admin/login">

<h5>Username</h5>
<input type="text" id="username" name="username" value="" size="50" />

<h5>Password</h5>
<input type="password" id="password" name="password" value="" size="50" />

<div><input type="submit" id="submit" name ="submit" value="Login" /></div>

</form>
<?php

}else{
    echo "successfully login";
}
?>

提交时我得到一个空白页,当我在 Chrome 中检查网络时,我看到该帖子导致了 500 内部服务器错误。

当我在上面注释的行中将直接查询更改为 get_where 时,我得到一个严重性 8192 和错误消息mysql_escape_string(): This function is deprecated; use mysql_real_escape_string() instead.

我在这里使用手动表单,但我的 CSRF 设置为 false。我试过使用form_open('admin/login'),但可笑的是,它被localhost/?admin/login一个额外的?.

我在这里遇到了所有这些问题,我只是不知道该怎么办。我感谢提供的任何帮助。

4

1 回答 1

0

您的表单可能没有指向正确的网址,所以我建议您更改此设置:

<form action="/admin/login">


<form action="<?php echo site_url('admin/login'); ?>">

然后尝试替换所有headers() methods

header("Location: /admin/login");


redirect(site_url('admin/login'),'',302);

真诚地,从未header();与Codeigniter 一起使用

于 2013-01-06T20:53:39.730 回答