首先我想说我是新来的,我需要一些有关 htaccess 的帮助。我编写了一些 mod_rewrite 规则来重写用户配置文件,将 php 文件重写为 html,并将 php 重定向到 html,但现在我遇到了 login.php 的问题。不允许我登录。我做错了什么?这是我的 htaccess 规则和 login.php
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-zA-Z0-9_-]+)$ profilo.php?u=$1
RewriteRule ^([a-zA-Z0-9_-]+)/$ profilo.php?u=$1
RewriteCond %{REQUEST_URI} ^/(.*)\.html$
RewriteCond %{DOCUMENT_ROOT}/%1.php -f
RewriteRule ^(.*)\.html$ $1.php [nc]
RewriteCond %{THE_REQUEST} ^[A-Z]+\s([^\s]+)\.php\s
RewriteRule .* %1.html [R=301,L]
</IfModule>
这是我的 login.php
function LoginForm(){
require("inc/config.inc.php");
ob_start(); //start output buffering
session_start(); //initialize session
if(isset($_SESSION["utente_id"]))
{
header("Location: index.html");
}
if($_SERVER["REQUEST_METHOD"] == "POST")
{
require(MYSQL);
$errors = array();
//Validate the email address:
if(!empty($_POST["username"]))
{
$username = mysqli_real_escape_string($database, $_POST["username"]);
}
else
{
$errors[] = "Inserisci il tuo username.";
}
//Validate the password:
if(!empty($_POST["password"]))
{
$password = mysqli_real_escape_string($database, $_POST["password"]);
}
else
{
$errors[] = "Inserisci la tua password.";
}
// $query = "SELECT active FROM users WHERE (email = '$email' AND password = SHA1('$password'))";
// $result = mysqli_query($database, $query);
// $shitnigga = mysqli_fetch_array($result, MYSQLI_ASSOC);
// print_r($shitnigga);
if(empty($errors))
{
$query = "SELECT utente_id, username, utente_level FROM users
WHERE (username = '$username' AND password = SHA1('$password'))
AND active IS NULL";
$result = mysqli_query($database, $query) or trigger_error("Query: $query\n<br>MySQL Error: " . mysqli_error($database));
if(@mysqli_num_rows($result) == 1) //A match was made
{
//Register the values:
$_SESSION = mysqli_fetch_array($result, MYSQLI_ASSOC);
mysqli_free_result($result);
mysqli_close($database);
//Redirect the user:
$url = BASE_URL . "panello.php";
ob_end_clean(); //Delete the buffer.
header("Location: $url");
exit();
}
else
{
echo '<p class="error">Either the email address and password entered do not match or your account is not activated.</p>';
}
}
else
{
echo '<ul class="error">';
echo "<h3>Error(s) occured!</h3>";
foreach($errors as $error)
{
echo "<li>{$error}</li>";
}
echo "</ul>";
}
mysqli_close($database);
}
echo '<form method="POST" action="login.php" name="login" id="formID">';
echo '<ul>
<li><p class="login_p">Username</p>
<input type="text" name="username" id="username" size="30" class="validate[required] text-input" placeholder="username" />
</li>
<li><p class="login_p">Password</p>
<input type="password" name="password" id="password" size="30" class="form-text" autofocus placeholder="password"/>
</li>
<li>
<input type="submit" name="login" value="login">
</li>
</ul>';
echo '</form>';
}