0

我一周前刚学php。但现在我有一个问题。我的 php 登录和会话脚本,只在首页工作。当我使用明确的 cookie 进行测试,并在浏览器中输入我网站上的特定页面(例如:www.mysite.com/page34.html)时,登录表单不显示。

为什么尚未登录的用户可以访问我网站的特定页面?

ceklogin.php

    <?php
    include "koneksi.php";

    /* Variable declarationl */
    $username = $_POST['username'];
    $password = $_POST['password'];

    /* check data with my sql db in server */ 
    $user  = mysql_query("SELECT * FROM login WHERE username='$username' AND  password='$password'");
    $match = mysql_num_rows($user);

    if ($match==1){
        echo "<script>window.location = 'http://www.mysite.com/page1.html'</script>";
    }
    else {
        echo "<h1>Username and Password not match</h1>";    
    }
    ?>

索引.php

<?php 
 if(isset($_COOKIE['AboutVisit']))
 echo "<script>window.location = 'http://www.mypage.com/page1.html'</script>"
?>
<?php 
 $hour = 10800 + time(); 
 //this adds 1 hour to the current time 
 setcookie(AboutVisit, date("F jS - g:i a"), $hour);
?>
<html>
<head>
<title>Login Area</title>
</head>
<body>
<center>    
    <form action="ceklogin.php" method="post">
    <table>
    <tr><td colspan="2" align="center"><h1>Form Login </h1></td></tr>
    <tr><td>Username</td><td> : <input type="text" name="username"></td></tr>
    <tr><td>Password</td><td> : <input type="password" name="password"></td></tr>
    <tr><td colspan="2" align="right">
    <input type="submit" value="Login"> <input type="reset" value="Batal"></td></tr>
    </table>
    </form>
</center>
</body>
</html>

koneksi.php

<?php
mysql_connect("mysql server","my username","password") or die("Koneksi failed");
mysql_select_db("u674105401_01") or die("Database not exist");
//i am hiding my sql server, username, and password in this post
?>

为什么尚未登录的用户可以访问我网站的特定页面?

哪一个是错的?

4

2 回答 2

0

您可以使用 php标头函数,而不是使用 window.location

例子:header('Location: http://www.mypage.com/page1.html');

于 2013-07-07T19:49:28.180 回答
0

1 - 删除?><?php

2 -setcookie('AboutVisit', xxx);

于 2013-07-07T19:42:08.353 回答