1

我刚开始用 PHP 编码,但我被重定向困住了。我已经接受了提交表单中的 $_POST 信息并将它们分配给变量。我收到 2 个密码变量:$password 和 $c_password。我的目标是检查这两个密码是否匹配,如果它们匹配,我想对它们进行哈希处理。如果不是,我想将用户返回(重定向)到 register.php 页面。问题是如果我阻止 javascript 重定向下面的所有内容,它就可以工作。但是,如果我在 js 重定向后不阻止脚本,则用户会在数据库上注册并重定向到 login.php 页面。这是我到目前为止编码的内容:

<?php

// Open database connection
include 'db_connect.php';

// check existence and accept form data
if(isset($_POST['username']) && isset($_POST['email']) && isset($_POST['password']) && isset($_POST['c_password'])) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$c_password = $_POST['c_password'];
}

// Hash the password if password and c_password match
if(strcmp($password, $c_password) == 0) {
$password = hash('sha512',$_POST['password']);
} 
else { ?>
    <script type="text/javascript">
        document.location = './register.php?pass_nomatch=1';
    </script>
<?php
}

// Create a random salt
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));

// Create salted password (Careful not to over season)
$password = hash('sha512', $password.$random_salt);

// Add your insert to database script here. 
// Make sure you use prepared statements!
if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)")) {    
$insert_stmt->bind_param('ssss', $username, $email, $password, $random_salt); 
// Execute the prepared query.
$insert_stmt->execute();
// Close MYSQL database connection
mysqli_close($mysqli);
// Redirect user to login page
header('Location: ./login.php');
}

?>

如果有人对我的问题有答案,请尽快回复:)

4

2 回答 2

1

只需使用:

header('Location: http://www.yoursite.com/page.php');

然后停止脚本:

die();

这将保证脚本停止。

于 2013-05-11T14:03:19.267 回答
0

To redirect a page in PHP, you can use the built-in function header();

ex: header('Location: http://www.yoursite.com/page.php')

Remember, it is important that you put, an Absolute path, as argument to the header. Here is why from Wikipedia: HTTP_location.

The internet standard requires an absolute URI to follow a Location header, which means it must contain a scheme[4] (e.g., http:, https:, telnet:, mailto:)[5] and conforms to scheme-specific syntax and semantics. For example, the HTTP scheme-specific syntax and semantics for HTTP URLs requires a "host" (web server address) and "absolute path", with optional components of "port" and "query". In the case that there is no absolute path present, it must be given as "/" when used as a request URI for a resource.[6]

Now, matching the passwords should be as easy, as:

if($passwordA === $passwordB) {
    // === is called, identity comparison operator. 
   // http://www.php.net/manual/en/language.operators.comparison.php

else{ 
    header('Location: http://site.com/register.php?pass_nomatch=1');
    die("If you are not redirected in 5 seconds, click <a href='#'>here<a/> ");
  }
于 2013-05-11T13:59:47.023 回答