1

首先我想说我是新来的,我需要一些有关 htaccess 的帮助。我编写了一些 mod_rewrite 规则来重写用户配置文件,将 php 文件重写为 html,并将 php 重定向到 html,但现在我遇到了 login.php 的问题。不允许我登录。我做错了什么?这是我的 htaccess 规则和 login.php

<IfModule mod_rewrite.c>


Options +FollowSymLinks
RewriteEngine on
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-zA-Z0-9_-]+)$ profilo.php?u=$1
RewriteRule ^([a-zA-Z0-9_-]+)/$ profilo.php?u=$1

RewriteCond %{REQUEST_URI} ^/(.*)\.html$
RewriteCond %{DOCUMENT_ROOT}/%1.php -f
RewriteRule ^(.*)\.html$ $1.php [nc]



RewriteCond %{THE_REQUEST} ^[A-Z]+\s([^\s]+)\.php\s
RewriteRule .* %1.html [R=301,L]
</IfModule>

这是我的 login.php

function LoginForm(){
require("inc/config.inc.php");

ob_start(); //start output buffering

session_start(); //initialize session

if(isset($_SESSION["utente_id"]))
{
    header("Location: index.html");
}

if($_SERVER["REQUEST_METHOD"] == "POST")
{
    require(MYSQL);
    $errors = array();

    //Validate the email address:
    if(!empty($_POST["username"]))
    {
        $username = mysqli_real_escape_string($database, $_POST["username"]);
    }
    else
    {
        $errors[] = "Inserisci il tuo username.";
    }

    //Validate the password:
    if(!empty($_POST["password"]))
    {
        $password = mysqli_real_escape_string($database, $_POST["password"]);
    }
    else
    {
        $errors[] = "Inserisci la tua password.";
    }

    // $query  = "SELECT active FROM users WHERE (email = '$email' AND password = SHA1('$password'))";
    // $result = mysqli_query($database, $query);

    // $shitnigga = mysqli_fetch_array($result, MYSQLI_ASSOC);
    // print_r($shitnigga);

    if(empty($errors))
    {
        $query  = "SELECT utente_id, username, utente_level FROM users 
                   WHERE (username = '$username' AND password = SHA1('$password')) 
                   AND active IS NULL";
        $result = mysqli_query($database, $query) or trigger_error("Query: $query\n<br>MySQL Error: " . mysqli_error($database));

        if(@mysqli_num_rows($result) == 1) //A match was made
        {
            //Register the values:
            $_SESSION = mysqli_fetch_array($result, MYSQLI_ASSOC);
            mysqli_free_result($result);
            mysqli_close($database);

            //Redirect the user:
            $url = BASE_URL . "panello.php";
            ob_end_clean(); //Delete the buffer.
            header("Location: $url");
            exit();
        }
        else
        {
            echo '<p class="error">Either the email address and password entered do not match or your account is not activated.</p>';
        }
    }
    else
    {
        echo '<ul class="error">';
        echo "<h3>Error(s) occured!</h3>";
        foreach($errors as $error)
        {
            echo "<li>{$error}</li>";
        }
        echo "</ul>";
    }

    mysqli_close($database);
}





echo '<form method="POST" action="login.php" name="login"  id="formID">';
echo '<ul>
<li><p class="login_p">Username</p>     
<input type="text" name="username" id="username"  size="30" class="validate[required] text-input" placeholder="username" />
</li>
<li><p class="login_p">Password</p>     
<input type="password" name="password" id="password" size="30" class="form-text" autofocus placeholder="password"/>
</li>
<li>

<input type="submit" name="login" value="login">
</li>

</ul>';

echo '</form>';

}
4

1 回答 1

0

我认为重新启动服务器后它会起作用

于 2013-04-30T11:03:57.203 回答