He estado tratando de averiguar por qué mi usuario no está dirigida al directorio adecuado en inicio de sesión. Cada cliente tiene su propio directorio (que creo de antemano). Les envío su ID de usuario y contraseña. Desde un formulario de acceso, deben ser enviados a su directorio adecuado, pero de alguna manera la secuencia de comandos falta de nomenclatura que parte de su inicio de sesión.
Tal vez alguien me puede decir cuál es incorrecto con mi guión. Gracias!
~ J
<?PHP
ob_start();
session_start();
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
if (!isset($username) || !isset($password)) {
header("Location: http://www.mywebsite.com/login.htm" );
}
//check that the form fields are not empty, and redirect back to the login page if they are
elseif (empty($username) || empty($password)) {
header("Location: http://www.mywebsite.com/login.htm" );
}
else{
//set the database connection variables
$dbHost = "localhost";
$dbUser = "(omitted)";
$dbPass = "(omitted)";
$dbDatabase = "(omitted)";
//add slashes to the username and md5() the password
$user = addslashes($_POST['username']);
$pass = md5($_POST['password']);
mysql_connect("$dbHost", "$dbUser", "$dbPass")or die ("Error connecting to database.");
mysql_select_db("$dbDatabase") or die(mysql_error());
$result=mysql_query("SELECT * FROM clients WHERE password='$pass' AND username='$user'") or die("Couldn't query the user-database.");
$rowCheck = mysql_num_rows($result);
if($rowCheck > 0)
{
while($row = mysql_fetch_array($result)){
// Start the login session
session_start();
$_SESSION['user'] = $_POST['user'];
$_SESSION['password'] = $_POST['password'];
header('refresh: 2;url=/client/'.$_SERVER["PHP_AUTH_USER"].'/clindx.php');
echo "Success! You will now be redirected.";
exit();
}
}
else {
//if nothing is returned by the query, unsuccessful login code goes here...
echo 'Incorrect login name or password. Please try again.';
}
}
?>
- <?PHP
- ob_start();
- session_start();
- //check that the user is calling the page from the login form and not accessing it directly
- //and redirect back to the login form if necessary
- if (!isset($username) || !isset($password)) {
- header("Location: http://www.mywebsite.com/login.htm" );
- }
- //check that the form fields are not empty, and redirect back to the login page if they are
- elseif (empty($username) || empty($password)) {
- header("Location: http://www.mywebsite.com/login.htm" );
- }
- else{
- //set the database connection variables
- $dbHost = "localhost";
- $dbUser = "(omitted)";
- $dbPass = "(omitted)";
- $dbDatabase = "(omitted)";
- //add slashes to the username and md5() the password
- $user = addslashes($_POST['username']);
- $pass = md5($_POST['password']);
- mysql_connect("$dbHost", "$dbUser", "$dbPass")or die ("Error connecting to database.");
- mysql_select_db("$dbDatabase") or die(mysql_error());
- $result=mysql_query("SELECT * FROM clients WHERE password='$pass' AND username='$user'") or die("Couldn't query the user-database.");
- $rowCheck = mysql_num_rows($result);
- if($rowCheck > 0)
- {
- while($row = mysql_fetch_array($result)){
- // Start the login session
- session_start();
- $_SESSION['user'] = $_POST['user'];
- $_SESSION['password'] = $_POST['password'];
- header('refresh: 2;url=/client/'.$_SERVER["PHP_AUTH_USER"].'/clindx.php');
- echo "Success! You will now be redirected.";
- exit();
- }
- }
- else {
- //if nothing is returned by the query, unsuccessful login code goes here...
- echo 'Incorrect login name or password. Please try again.';
- }
- }
- ?>
Abril 22nd, 2004, 10:38 am
