我的登录表单在Internet Explorer中运行良好,但在Chrome和Firefox中,它几乎总是在第一次尝试时失败。在阅读了Stack Overflow上的几乎每一篇文章都没有找到答案后,我决定发布这篇文章。第一次尝试总是无法登录,需要2次或3次尝试。我包含了两部分代码,第一部分是我的login.php,第二部分是header.html,如果用户登录,所有链接都会出现在这里。
我尝试了很多事情,比如刷新dns,清除缓存,卸载Chrome并重新安装,我在3台不同的计算机上尝试了我的页面,结果都是一样的。
我在phpmyadmin中以SQL形式测试了该查询,当我在login.php文件中执行Select查询时,它总是返回UserID。
MYSQL是一个常量,它指向我的mysqli_connect文件。
我希望这篇文章能帮助其他可能有这个问题的人。
这里是login.php
<?php
include ('includes/header.html');
include ('includes/config.inc.php');
$page_title = 'Login';
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
require (MYSQL);
$trimmed = array_map('trim', $_POST);
if (!empty($trimmed['Email']) && filter_var($trimmed['Email'], FILTER_VALIDATE_EMAIL, FILTER_SANITIZE_EMAIL)){
$e = mysqli_real_escape_string($dbc, $_POST['Email']);
} else {
$e = FALSE;
echo '<p class="error">You forgot to enter your email address, or the email you entered is invalid.</p>';
}
if (!empty($trimmed['Pass']) && (preg_match ('/^w{4,20}$/', $trimmed['Pass']))){
$p = mysqli_real_escape_string($dbc, $_POST['Pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password, or the password you entered is invalid.</p>';
}
if ($e && $p){
$q = "SELECT UserID, Fname FROM users WHERE (Email='$e' AND Pass=SHA1('$p')) AND Active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $qn<br />MySQL Error: " . mysqli_error($dbc));
if (@mysqli_num_rows($r) == 1){
$_SESSION = mysqli_fetch_array($r, MYSQLI_ASSOC);
mysqli_free_result($r);
mysqli_close($dbc);
$url = BASE_URL . 'index.php';
ob_end_clean();
header("Location: $url");
exit();
} else {
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else {
echo '<p class="error">Please try again.</p>';
}
mysqli_close($dbc);
} //end of submit conditional
?>
<div class="text">
<h1>Login</h1>
<p>Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p><b>Email: <input type="text" name="Email" /></b></p>
<p><b>Password: <input type="password" name="Pass" /></b></p>
<input type="submit" name="submit" value="Login!" />
</fieldset>
</form>
</div>
<? include ('includes/footer.html'); ?>
这是header.html
<?php
ob_start();
session_start();
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<link rel="stylesheet" type="text/css" href="css/styles.css" />
<title><?php if (isset($page_title)){ echo $page_title; }?></title>
<meta name="description" content="<?php if (isset($description)){ echo $description; }?>">
<meta name="keywords" content="<?php if (isset($keywords)){echo $keywords; }?>">
<script type="text/javascript">
$(document).ready(function(){
$("#menu li").hover(function(){
$(this).children(":hidden").slideDown();
},function(){
$(this).parent().find("ul").slideUp();
});
});
</script>
</head>
<body>
<div id="container">
<div id="logo">
<img src="images/links.jpg" border="0" alt="Links">
</div>
<div id="menu">
<ul>
<li><a href="http://www.example.com">Home</a></li>
<li><a href="#">About</a>
<ul>
<li class="sub"><a href="how_it_works.php">How It Works</a></li>
<li class="sub"><a href="link_placement.php">Link Placement</a></li>
<li class="sub"><a href="verifying_your_links.php">Verifying Links</a></li>
<li class="sub"><a href="link_partners.php">Link Partners</a></li>
<li class="sub"><a href="terms.php">Terms and Conditions</a></li>
</ul>
</li>
<li><a href="#">Account Management</a>
<ul>
<?php
if (isset($_SESSION['UserID'])){
echo '<li class="sub"><a href="logout.php">Logout</a></li>';
echo '<li class="sub"><a href="add_url.php?id=' . $_SESSION['UserID'] . '">Add Your Url</a></li>';
echo '<li class="sub"><a href="directory.php">Directory of Sites</a></li>';
echo '<li class="sub"><a href="view_sites.php?id=' . $_SESSION['UserID'] . '">View/Edit Urls</a></li>';
echo '<li class="sub"><a href="edit_account.php?id=' . $_SESSION['UserID'] . '">Edit Account</a></li>';
echo '<li class="sub"><a href="change_password.php">Change Password</a></li>';
} else {
echo '<li class="sub"><a href="login.php">Login</a></li>';
echo '<li class="sub"><a href="register.php">Register</a></li>';
}
?>
<li class="sub"><a href="forgot_password.php">Forgot Password</a></li>
</ul>
</li>
<li><a href="register.php">Register</a></li>
<li><a href="contact.php">Contact Us</a></li>
</ul>
<div align="center" id="sidebar">
<?php include('includes/ads.php'); ?>
</div>
</div>
我敢打赌,在页面刷新后的第一次登录尝试(使用正确的凭据)后,您的header.html将显示正确的链接,而无需再次进行授权。
是这样吗?
好吧,如果是的话,您必须设法在$_SESSION初始化(SESSION_start()函数)、输出缓存机制(ob_start(函数)和标头重定向(标头("Location")函数)之间达成一个小循环
你的搜索查询应该是"为什么header()重定向不起作用",你会立即找到答案——因为在头之前有一些输出到浏览器。
最有可能发生的情况是,您的授权有效,您设置了$_SESSION变量,但没有得到重定向。当你再次尝试查看该页面后——令人惊讶的是,你已经获得了授权。也不需要任何其他登录尝试。
更好的方法是清理代码,看看会发生什么
将检查用户登录详细信息的代码放在页面顶部,若发生错误,将其保存在变量中,然后显示,否则重定向用户。
注:未测试代码
<?php
include( "includes/config.inc.php" );
if ( strtolower( $_SERVER['REQUEST_METHOD'] ) === "post" && ( isset( $_POST["Email"], $_POST["Pass"] ) ) ) {
session_start();
$email = filter_var( trim( $_POST["Email"] ), FILTER_VALIDATE_EMAIL );
$pass = preg_match( '/^w{4,20}$/', trim( $_POST["Pass"] ) ) ? trim( $_POST["Pass"] ) : false;
if ( $email ) {
if ( $pass ) {
$email = mysqli_real_escape_string( $dbc, $email );
$pass = mysqli_real_escape_string( $dbc, $pass );
$query = "SELECT UserID, Fname FROM users WHERE ( Email = '$e' AND Pass = SHA1('$p') ) AND Active IS NULL";
$result = mysqli_query( $dbc, $query );
if ( $result ) {
if ( (int)mysqli_num_rows( $result ) === 1 ) {
$_SESSION = mysqli_fetch_array( $result, MYSQLI_ASSOC );
mysqli_free_result( $result );
mysqli_close( $dbc );
header( "Location: ".BASE_URL."index.php" );
exit();
}
else {
$error = 'Either the email address and password entered do not match those on file or you have not yet activated your account.';
}
}
else {
$error = 'Query: $qn<br />MySQL Error: '. mysqli_error( $dbc );
}
}
else {
$error = 'You forgot to enter your password, or the password you entered is invalid.';
}
}
else {
$error = 'You forgot to enter your email address, or the email you entered is invalid.';
}
}
mysqli_close( $dbc );
$page_title = "Login"; // put this, just before including "header.html", so you can use it in your header file
include( "includes/header.html" );
// A
?>
<div class="text">
<h1>Login</h1>
<p>Your browser must allow cookies in order to log in.</p>
<?php
if ( isset( $error ) ) {
echo '<p class="error">'.$error.'</p>';
}
?>
<form action="login.php" method="post">
<fieldset>
<p><b>Email: <input type="text" name="Email" /></b></p>
<p><b>Password: <input type="password" name="Pass" /></b></p>
<input type="submit" name="submit" value="Login!" />
</fieldset>
</form>
</div>
<?php
include( "includes/footer.html" );
?>