您知道如果要在PHP中重定向用户,可以使用标头功能:
header('Location: http://smowhere.com');
众所周知,exit;在header调用之后也放置一个很好的做法,以防止执行其他php代码.所以我的问题是:标头位置调用后的代码能否有效执行?在哪些情况下?恶意用户能否完全忽略该header('Location..')呼叫?怎么样?
我正在建立一个有3种类型用户的网站:
-those who are registered and are subscribed for current month
-those that are registered, but are not subscribed for current month
-users that are not registered (you cant be subscribed if you are not regitered)
我已经创建了识别这3种用户的代码并且行为恰当.我的问题是,这是要走的路吗?我以前从未做过类似的事情.或者我应该重新编程我的方法?
//login.php
//connect to database and see if a user and password combination exists. Store $exists=0 if not, and $exists=1 if it exists.
session_start();
$conn = new mysqli($hn,$un,$pw,$db);
if ($conn->connect_error){
die($conn->connect_error);
}
$query = "SELECT COUNT(1) as 'exists',expiration_date FROM table WHERE email = ? …我正在为一个具有管理员面板的电子商务项目设置一个 Web 应用程序。如何强制并自动重定向到login.php而不是index.php?
例如,如果我确实遵循此路径http://localhost/project/admin(这将加载index.php)。
但是,当我尝试通过http://localhost/project/admin/login.phplogin.php手动打开时,登录过程成功运行并打开会话
文件夹结构:
在 Windows 10 上使用 XAMPP Panel v3.2
我已经尝试过以下方法:
登录.php
<?php
session_start();
include '../include/connection.php';
if (isset($_POST['submit'])) {
$email = $_POST['email'];
$password = $_POST['password'];
$query = "select * from admin where admin_email = '$email' AND admin_password = '$password'";
$result = mysqli_query($conn,$query);
$adminSet = mysqli_fetch_assoc($result);
if ($adminSet['admin_id']) {
$_SESSION['admin_id'] = $adminSet['admin_id'];
header("location:index.php");
}
else {
$error = "You are not authenticated.";
}
}
?>
admin-header.php // 包含在index.php 中
<?php …