我正在使用php代码制作一个网页,其中index.php代码在用户成功登录后发生变化。用户在登录前从index.php开始,被定向到login.php,然后重定向回index.php。index.php在登录后和登录前有一个完全不同的代码。我想知道什么是正确的方法来修改页面,因为我试了if语句,但好像不起作用。
索引页
<?php
require_once "pdo.php";
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Index Page</title>
</head>
<body>
<div class="container">
<h2>Welcome to the Automobiles Database</h2>
<?php
if ( isset($_SESSION['error']) ) {
echo '<p style="color:red">'.$_SESSION['error']."</p>\n";
unset($_SESSION['error']);
}
if ( isset($_SESSION['success']) ) {
echo '<p style="color:green">'.$_SESSION['success']."</p>\n";
unset($_SESSION['success']);
}
if(!isset($_POST['email']) || !isset($_POST['pass']))//this code should work if the
//user is not loged in
{
echo '<p><a href="login.php">Please log in</a></p>' ;
echo '<p>Attempt to <a href="add.php">add data</a> without logging in</p>' ;
}
if(isset($_POST['email']) && isset($_POST['pass']))//this code should work if the user
//is loged in
{
if(isset($_POST['make']) && isset($_POST['year']) && isset($_POST['model']) &&
isset($_POST['mileage']))//this code should work if the user entered data
{
echo('<table border="1">'."\n");
$stmt = $pdo->query("SELECT * autos");
while ( $row = $stmt->fetch(PDO::FETCH_ASSOC) ) {
echo "<tr><td>";
echo(htmlentities($row['make']));
echo("</td><td>");
echo(htmlentities($row['model']));
echo("</td><td>");
echo(htmlentities($row['year']));
echo("</td><td>");
echo(htmlentities($row['mileage']));
echo("</td><td>");
echo('<a href="edit.php?user_id='.$row['user_id'].'">Edit</a> / ');
echo('<a href="delete.php?user_id='.$row['user_id'].'">Delete</a>');
echo("</td></tr>\n");
}
}
else if(!isset($_POST['make']) || !isset($_POST['year']) || !isset($_POST['model']) ||
!isset($_POST['mileage']))//this code should work if the user didn't enter data
{
echo "<p>no rows found</p>";
}
echo '<p><a href="add.php">Add New Entery</a></p>';
echo '<p><a href="logout.php">Logout</a></p>';
}
?>登录页面
<?php
require_once "pdo.php";
session_start();
if ( isset($_POST['cancel'] ) ) {
header("Location: login.php?name=".urlcode($_POST['email']));
return;
}
$salt = "XyZzy12*_";
$stored_hash = "1a52e17fa899cf40fb04cfc42e6352f1"; // Pw is php 123
$failure = false; // If we have no POST data
// Check to see if we have some POST data, if we do process it
if ( isset($_POST['email']) && isset($_POST['pass']) ) {
if ( strlen($_POST['email']) < 1 || strlen($_POST['pass']) < 1 ) {
$_SESSION['error'] = "User name and password are required";
header("Location: login.php");
return;
}
else if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
$_SESSION['error'] = "Email must have an at-sign (@)";
header("Location: login.php");
return;
}
else {
$check = hash('md5', $salt.$_POST['pass']);
if ( $check == $stored_hash ) {
error_log("Login success ".$_POST['email']);
$_SESSION['name'] = $_POST['email'];
header("Location: index.php");
return;
} else {
error_log("Login fail ".$_POST['email']." $check");
$_SESSION['error'] = "Incorrect password";
header("Location: login.php");
return;
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login Page</title>
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<link rel="stylesheet"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
<link rel="stylesheet"
href="https://code.jquery.com/ui/1.12.1/themes/ui-lightness/jquery-ui.css">
<script
src="https://code.jquery.com/jquery-3.2.1.js"
integrity="sha256-DZAnKJ/6XZ9si04Hgrsxu/8s717jcIzLy3oi35EouyE="
crossorigin="anonymous"></script>
<script
src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"
integrity="sha256-T0Vest3yCU7pafRw9r+settMBX6JkKN06dqBnpQ8d30="
crossorigin="anonymous"></script>
</head>
<body>
<div class="container">
<h1>Please Log In</h1>
<?php
if ( isset($_SESSION['error']) ) {
echo('<p style="color: red;">'.htmlentities($_SESSION['error'])."</p>\n");
unset($_SESSION['error']);
}
?>
<form method="POST" action="login.php">
User Name <input type="text" name="email"><br/>
Password <input type="text" name="pass"><br/>
<input type="submit" value="Log In">
<a href="index.php">Cancel</a></p>
</form>
<p>
For a password hint, view source and find a password hint
in the HTML comments.
<!-- Hint: The password is the three character name of the
programming language used in this class (all lower case)
followed by 123. -->
</p>
</div>
</body>
</html>
1条答案
按热度按时间csga3l581#
你应该做3页。
在索引中,检查用户是否已登录。如果已登录,则重定向到主页。如果未登录,则调用die()并重定向到登录页面。