我创建了一个简单的登录表单。当我输入正确的用户名
和密码
时,它总是显示访问被拒绝的消息。
验证.php:
<?php
session_start();
$conn = mysqli_connect('localhost','root','') or die(mysqli_error());
mysqli_select_db($conn,'maindata') or die(mysqli_error($conn));
$uname=$_POST['username'];
$pass=$_POST['password'];
$password = md5($pass);
$result = mysqli_query($conn,"select * from users where username='$uname' and password='$password'")
or die("Could not execute the select query.");
$row = mysqli_fetch_assoc($result);
if(is_array($row) && !empty($row))
{
$validuser = $row['username'];
$_SESSION['valid'] = $validuser;
}
else
{
echo "<center></h1>Access Denied</h1></center>"."<br />";
echo "<center></h6>Please wait while you are redirected in 3 seconds</h6></center>"."<br />";
header('Refresh: 3; url=login.html');
}
if(isset($_SESSION['valid']))
{
header("Location:index.html");
}
登录.html:
<?php
session_start();
if(isset($_SESSION['valid'])){
header("Location:index.html");
}
else
{
header("location:login.html");
}
?>
<form method="post" action="verify.php" class="login" class="contact_form">
<p>
<label for="login">Email:</label>
<input type="text" name="username" placeholder = "Enter Username Here...">
</p>
<p>
<label for="password">Password:</label>
<input type="password" name="password" placeholder = "*******">
</p>
<p class="login-submit">
<button type="submit" class="login-button">Login</button>
</p>
<p class="forgot-password"><a href="#">Forgot your password?</a></p>
</form>
最佳答案
您的代码会自行循环,Login.html 检查用户是否已登录(他们因无法登录而登录)并将其从 Login.html 重定向到 Login.html,这意味着您永远不会输入 php 代码。当尝试访问登录页面时,您不应该检查用户是否已经登录。
您还应该考虑创建一个文件来检查用户是否登录,它可能是这样的:
checkloggedin.php
<?php
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
if($_SESSION['loggedin'] == false)
{
die(header("Location: ./index.php"));
}
?>
当您需要检查用户是否登录时,您可以通过以下方式启动页面:
<?php
include"checkloggedin.php"
?>
关于php - 我的登录表单总是被拒绝访问,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/40780343/