0

我有一个存储登录详细信息的 xml(mydata.xml) 文件,如下所示

<?xml version = "1.0" encoding="Windows-1252" standalone="yes"?>
<MYData>
    <login_details>
        <unique_ref>1-61</unique_ref>
    <login_name>tomme</login_name>
        <login>me</login>
        <password>me</password>
        <file1>Test</file1>
        <file2/>
        <file3/>
        <file4/>
    </login_details>
    <login_details>
        <unique_ref>1-61</unique_ref>
    <login_name>tony</login_name>
        <login>tony</login>
        <password>tony</password>
        <file1>Test1</file1>
        <file2/>
        <file3/>
        <file4/>
    </login_details>
</MYData>

我有一个登录文件来输入详细信息

<html>
<head>
<title>Administrator Login Page</title>
<style type="text/css">
@import "style.css";
</style>
</head>
<body>
<h1>Administrator Login Page</h1>
</br></br></br></br></br></br></br>
<form action="admin_verify.php" method="post">
User Name: <input type="text" name="admin_name" />
</br></br>
Password:&nbsp;&nbsp; <input type="password" name="admin_password" />
</br></br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<input type="submit" value="Login"/>
<input type="reset" value="Reset"/>
</form>
</body>
</html>

我还有一个 admin_verify 文件

<?php
    session_start();
    $mydata = simplexml_load_file("xml/mydata.xml");

    $login = "";
    $password = "";
    $loginname = "";

    for($i = 0; $i < count($mydata); $i++){

        $login = $mydata->login_details[$i]->login;
        $password = $mydata->login_details[$i]->password;
        $loginname = $mydata->login_details[$i]->login_name;


    if(empty($_POST["admin_name"]))
    {
        header("Location:login.php");
        return false;
    }

    if(empty($_POST["admin_password"]))
    {
        $this->HandleError("Password is empty!");
        return false;
    }

        if(($_POST["admin_name"] == $login) && ($_POST["admin_password"] == $password)){
            $_SESSION['name'] = "$loginname";
            header("Location:admin_panel.php");
        }
    }

    //as we have exited for loop (and therefore not been directed) we have a invalid login
    echo "invalid username or password";
 ?>

问题在于 admin_panel 中的会话,因为我试图从 xml 文件获取 $loginname 到 admin_verify 文件,它传递了“tomme”,但 admin_panel 文件是我迷路的地方我也想传递“ tomme' 在 xml 文件中显示 file1 的内容 如果我在所有会话页面中将 $loginname 硬编码给管理员,那么它工作正常但我想动态传递信息 admin_panel 如下所示

<html>
<head>
<title>Administrator Panel</title>
<style type="text/css">
@import "style.css";
</style>
</head>
<body>
<h1>Administrator Panel</h1>
<?php
session_start();
$mydata = simplexml_load_file("xml/mydata.xml");

     for ($i=0; $i < count($mydata);++$i)
     $loginname = $mydata->login_details[$i]->login_name;

if($_SESSION['name']=="$loginname")
{
echo "Welcome ".$_SESSION['name'];
echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
echo "<a href='logout.php'>Logout</a>";
}
else
{
header("Location:login.php");
}
echo "&nbsp;&nbsp;&nbsp;";

echo "</br></br></br>";

?>
</body>
</html>

任何帮助都会得到满足

4

1 回答 1

1

首先,无论如何将纯文本密码存储在任何文件中都不是一个好主意。无论如何

您可以对 simpleXML 对象进行 json_encode 并将其插入到您的会话中,然后将值传递给管理面板。

查看所有 3 个文件的编辑,希望对您有所帮助。

登录:

<?php session_start();
//already logged in
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in']==true){
    exit(header("Location: ./admin_panel.php"));
}
?>
<html>
<head>
<title>Administrator Login Page</title>
<style type="text/css">
@import "style.css";
</style>
</head>
<body>
<h1>Administrator Login Page</h1>

<?php echo (isset($_SESSION['error'])?'<span style="color:red">'.$_SESSION['error'].'</span>':null);?>
<div>
    <form action="admin_verify.php" method="post">
        <label for="admin_name">User Name:</label> <input type="text" name="admin_name" />
        </br>
        <label for="admin_password">Password:</label> <input type="password" name="admin_password" />
        </br>
        <input style="margin-left:30px" type="submit" value="Login"/>
        <input type="reset" value="Reset"/>
    </form>
</div>

</body>
</html>
<?php 
//unset error as its only required once
unset($_SESSION['error']);
?>

admin_veryify

<?php
session_start();
$mydata = simplexml_load_file("mydata.xml");

$login = "";
$password = "";
$loginname = "";

for($i = 0; $i < count($mydata); $i++){

    $login = $mydata->login_details[$i]->login;
    $password = $mydata->login_details[$i]->password;
    $loginname = $mydata->login_details[$i]->login_name;


    if(empty($_POST["admin_name"]) || empty($_POST["admin_password"]))
    {
        $_SESSION['error']='Please fill in both username and password';
        exit(header("Location:login.php"));
    }


    if(($_POST["admin_name"] == $login) && ($_POST["admin_password"] == $password)){
        //set logged in
        $_SESSION['logged_in'] = true;
        //unset password no need to include that
        unset($mydata->login_details[$i]->password);

        //json encode the user stuff from the xml
        $_SESSION['user_details'] = json_encode($mydata->login_details[$i]);

        //goto admin
        exit(header("Location: ./admin_panel.php"));
    }
}

//as we have exited for loop (and therefore not been directed) we have a invalid login
$_SESSION['error']='Invalid username or password';
exit(header("Location:login.php"));
?>

管理面板

<?php
session_start();
//logout
if(isset($_GET['logout'])){unset($_SESSION['logged_in']);session_destroy();}


//check login
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in']==true){
    //json decode user details from session into an array
    $user_details = json_decode($_SESSION['user_details'],true);

    //debug your values
    echo '<pre>'.print_r($user_details,true).'</pre>';
    /*
    Array
    (
        [unique_ref] => 1-61
        [login_name] => tomme
        [login] => me
        [file1] => Test
        [file2] => Array
            (
            )

        [file3] => Array
            (
            )

        [file4] => Array
            (
            )

    )
    */

    echo '<a href="?logout">logout</a>';
}else{
    exit(header("Location: ./login.php"));
}
?>
于 2013-02-10T18:04:12.933 回答