1

即使密码正确,我的登录系统也会将您重定向到索引页面,以下是一些可能存在问题的文件:

登录检查.php:

<?php
    require("header.inc.php");
    if (isset($_POST['submitButton'])) 
    {
        if(!isset($_POST['username']))
        {
            die("The username and password fields were not set.");
        }
        else if(!isset($_POST['password'])) 
        {
                die("Error: The password field was not set.");
        }

        $password = hash("sha512", $_POST['password']); 

        $query = mysql_query("SELECT `id` FROM `users` WHERE `name` = '" . mysql_real_escape_string($_POST['username']) . "' AND `password` = '" . mysql_real_escape_string($password) . "'");
        if(mysql_num_rows($query))
        {
            $sessID = mysql_real_escape_string(session_id());
            $hash = mysql_real_escape_string(hash("sha512", $sessID.$_SERVER['HTTP_USER_AGENT']));
            $userData = mysql_fetch_assoc($query);
            $expires = time() + (60 * 15);

            mysql_query("INSERT INTO `active_users` (`user`, `session_id`, `hash`, `expire`) VALUES ('" . (int) $userData['id'] . "', '" . $sessID . "', '" . $hash . "', '" . $expires . "')");
            header("Location: ./Dashboard.php");
            exit;
        }
        else {
            header("Location: ./index.php");
            exit;
        }
    }
    ?>

页眉.inc.php:

<?php
    session_start();
    require("connection.php");

    $user = IsLoggedIn();

    if($user)
    {
        $expires = time() + (60 * 15);
        mysql_query("UPDATE 'active_users' SET 'expires' = '" . $expires . "' WHERE 'user' = " . (int) $user . "");

    }

    function IsLoggedIn()
    {
        $sessID = mysql_real_escape_string(session_id());
        $hash = mysql_real_escape_string(hash("sha512", $sessID.$_SERVER['HTTP_USER_AGENT']));

        $query = mysql_query("SELECT `user` FROM `active_users` WHERE `session_id` = '" . $sessID . "' AND `hash` = '" . $hash . "' AND `expires` > " . time(). "");

        $data = mysql_fetch_assoc($query);
        if(mysql_num_rows($query))
        {
            return $data['user'];
        }
        else {
            return false;
        }

    }
    ?>

仪表板.php:

<?php
require("header.inc.php");
if($user)
{
    print("Welcome to the dashboard!");
}
else {
    header("Location: ./index.php");
    end;
}
?>

索引页

<?php
require("header.inc.php");
?>
<head>
<title>Zalman's UCP</title>
<link rel="stylesheet" type="text/css" href="CSS/main.css">
<link rel="shortcut icon" href="Images/Favicon.ico" type="image/x-icon" />
</head>
<body>

<div id="Youtube_Button"><img src="Images/Icons/Youtube Icon.png" width="34" height="28"></div>
<div id="Twitter_Button"><img src="Images/Icons/Twitter Icon.png" width="34" height="28"></div>
<div id="Line1"><img src="Images/line.png" width="10" height="605"></div>
<div id="container">
This is Zalman's, from scratch UCP, Development Stage: Alpha
<div id="Header">
<div id="Logo">
<center><a href="index.php">ZALMAN</a></center>
</div>
<div id="LoginBox"><center>Login in</center></div>
<div id="Login">

<?php
print("<form id=\"LoginForm\" method=\"post\" action=\"./LoginCheck.php\">\n");
print("Username: <input type=\"text\" name=\"username\" id=\"username\"/><br /><br />\n");
print("Password: <input type=\"password\" name=\"password\" id=\"password\"/><br /><br />\n");
print("<button type=\"submit\" name=\"submitButton\" id=\"sumbitButton\">Login</button>\n");
print("</form>\n");
 ?>
</div> 
</body>

问题是密码和用户名都是正确的,但是当您输入它们时,它只会将您重定向到索引页面,而它应该将您重定向到 Dashboard.php

4

0 回答 0