所以这是对这篇文章的跟进。我正在尝试使用链接帖子中的代码登录。它可以工作,但是我相信 login.php 文件中发生了一些我不知道的事情。这是大部分login.php文件,我提前为代码墙道歉。
<?php
session_start();
error_reporting(E_ALL^ E_NOTICE);
//include the connection and variable defination page
include("include/server.php");
include("include/function.php");
//checking the form has been submit by user or not
if(isset($_POST['cmdSubmit']) and $_POST['cmdSubmit']="Login")
{
//$refLink = $_SERVER['HTTP_REFERER'];
$refLink = "index.php?err_msg=1";
$user = addslashes($_POST['username']);
$pass = addslashes($_POST['password']);
$remember = $_POST['remember'];
$strErrorMessage = "";
if($user==""){
$strErrorMessage = "User Name can not be blank";
}
if($pass==""){
$strErrorMessage = "Password can not be blank";
}
if($user=="" and $pass==""){
$strErrorMessage = "User Name and Password can not be blank";
}
if($strErrorMessage=="")
{
if(isset($_POST['remember'])){
//removing all the cookie at set the user name password in cookies
unset($_COOKIE[session_name()]);
setcookie("usernamex", $_POST['username'], time()+60*60*24*100);
setcookie("userpassx", $_POST['password'], time()+60*60*24*100);
setcookie("rememberx", $_POST['remember'], time()+60*60*24*100);
}else{
if(isset($_COOKIE['rememberx']) && isset($_COOKIE['usernamex']) && isset($_COOKIE['userpassx']))
{
unset($_COOKIE[session_name()]);
setcookie("usernamex", $_POST['username'], time());
setcookie("userpassx", $_POST['password'], time());
setcookie("rememberx", $_POST['remember'], time());
}
}
$sqlLogin = "select * from member_mast where username = '".$user."' and password = '".$pass."' and is_deleted_flg=0 and is_profile=0";
$queryLogin = mysql_query($sqlLogin) or die(mysql_error()." Please check the Query");
$totLogin = mysql_num_rows($queryLogin);
//here checking the user is authorized or not
if($totLogin>0)
{
$rsLogin = mysql_fetch_array($queryLogin);
$_SESSION['uid'] = trim($rsLogin['username']);
$_SESSION['memberid'] = trim($rsLogin['user_id']);
$_SESSION['userType'] = trim($rsLogin['member_role']);
if(isset($_POST["page"]) and trim($_POST["page"])!="")
{
$pageName = trim($_POST["page"]);
$pagepassId = trim($_POST["pageid"]);
$redirect_url = "http://www.fakesite.com/fspv2/welcome.php?page=".$pageName."&pageid=".$pagepassId;
}
else
{
//$redirect_url = "http://www.fakesite.com/fspv2/welcome.php";
//$redirect_url = "welcome.php";
$redirect_url = "welcome.php";
}
//header("Location: ".$redirect_url);
?>
<script>window.location.href="<?php echo $redirect_url; ?>";</script>
<!-- <meta http-equiv="refresh" content="0;url=<?php echo $redirect_url; ?>"> -->
<?php
}
else
{
$displayMessage = "Login failed. If you are authorized, try again";
session_destroy();
$state = "inv";
$_SESSION['username'] = $_POST['username'];
$_SESSION['password'] = $_POST['pass'];
$username = $_SESSION['username'];
$password = $_SESSION['password'];
?>
<script>window.location.href="<?php echo $refLink; ?>";</script>
<?php
}
}
else
{
$state = "inv";
$_SESSION['username'] = $_POST['userid'];
$_SESSION['password'] = $_POST['pass'];
$username = $_SESSION['username'];
$password = $_SESSION['password'];
$displayMessage = $strErrorMessage;
?>
<script>window.location.href="<?php echo $refLink; ?>";</script>
<?php
}
}
//header("Location: ".$refLink);
?>
<!--<script>window.location.href="<?php echo $refLink; ?>";</script>--> <!-- <meta http-equiv="refresh" content="0;url=<?php echo $refLink; ?>"> -->
现在,当我连接到这个 login.php 时,用户名/密码是否有效都没有关系。我得到的唯一回应是这个
05-18 17:08:50.160: V/RESPONSE(30797): <!--<script>window.location.href="";</script>--> <!-- <meta http-equiv="refresh" content="0;url="> -->
看起来好像它javascript试图重定向我,因为它是一个移动设备。我可以在那里找到的唯一重定向是将客户端重定向到“welcome.php”,如果他们成功登录的话。这里似乎没有移动 login.php 重定向(我可能错了)它应该注意的是,我没有设计网站或我试图通过我的 Android 软件访问的任何文件,但我确实可以访问所有文件。我的问题是,如果这不是我应该访问的文件/url,那么是什么,或者我如何找到它?如果您需要查看任何其他代码,请询问。谢谢!