0

在我的索引页面上,我有一个指向我的 admin_login.php 页面的链接,其中包含以下代码:

<?php
session_start();
if(!isset($_SESSION["manager"])) {
header("location:admin_login.php");
exit();
 }

$managerID = preg_replace('#[^0-9]#i','', $_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i','', $_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i','', $_SESSION["password"]);

include "../storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT*FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount=mysql_num_rows($sql);
if($existCount==1) {
echo 'Na Na Na Na';
exit();
}

?>

在 admin_login.php 页面上,我有

<?php
session_start();
if(!isset($_SESSION["manager"])) {
header("location:index.php");
exit();
}
?>
<?php
if(isset($_POST["username"])&&isset($_POST["password"])) {

 $manager = preg_replace('#[^A-Za-z0-9]#i','', $_POST["manager"]);
 $password = preg_replace('#[^A-Za-z0-9]#i','', $_POST["password"]);
 include "../storescripts/connect_to_mysql.php";
 $sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND     password='$password' LIMIT 1");
 $existCount=mysql_num_rows($sql);
 if($existCount==1) {
while($row = mysql_fetch_array($sql)) {
$id=$row["id"];
}
$_SESSION["id"]=$id;
$_SESSION["manager"]=$manager;
$_SESSION["password"]=$password;
header("location: index.php");
exit();
   } else { 
echo ' That info is incorrect , try again <a href="index.php"> Click Here </a>';
exit();
    }
    }
    ?>

我正在使用管理面板登录管理员以进行进一步的程序,但它向我显示了重定向循环的错误。

4

1 回答 1

2

它是由于逻辑错误而发生的(重定向循环......)

假设由于以下代码未设置index.php $_SESSION["manager"]

session_start();
if(!isset($_SESSION["manager"])) {
header("location:admin_login.php");
exit();
 }

admin_login.php由于以下代码,它在那里

session_start();
if(!isset($_SESSION["manager"])) {
header("location:index.php");
exit();
}

它去index.php

更新嗯嗯…………

警告: mysql_* 已弃用...

回答你的问题

这可能取决于你的逻辑....

我可以说一个....

让我选择 loginPage.php(你可以有 index.php)作为管理员网关让代码是

function LoginChecker()
{ //Returns 0=Not,1=ok,2=Fraud

$hashCode= md5("of your Security Factor"); //something for better security


if(isset($_SESSION["is_LoggedIn_as_Admin"]))
{
if(isset($_SESSION["Logged_Admin_HASH"]))
{
if($_SESSION["Logged_Admin_HASH"]==$hashCode) //something for better security
{
//its login time have your Code Goes 
 return 1;
}
else
{ return 2;}
}
else
{ return 2;}
}
else
{ return 0;}
}

像这样检查而不是重定向

if(LoginChecker()==1)
{
//Logged in
}
else
{
//Html Code to show LoginPage or E......
//include "Login.php"
}

提醒$_SESSION["is_LoggedIn_as_Admin"] $_SESSION["Logged_Admin_HASH"]在登录时设置

于 2013-10-28T04:04:33.990 回答