我正在为我的网页做一个登录系统,当我输入正确的登录ID和密码时,页面刷新回登录页面。我做了所有正确的事情,但会议一直搞乱,我不知道错误在哪里。
session_start();
if(!isset($_SESSION['loggedin'])){
header("location:login.php");
}
if(isset($_POST['login'])){
$username = mysqli_real_escape_string($db,$_POST['Username']);
$password = mysqli_real_escape_string($db,$_POST['password']);
if (empty($username)){
array_push($errors, "Username is required");
}
if (empty($password)){
array_push($errors, "Password is required");
}
if(count($errors) == 0){
$password = md5($password);
$query = "SELECT * FROM register where username='$username' AND password = '$password'";
$result = mysqli_query($db, $query);
if(mysqli_num_rows($result) == 1){//user found
$logged_in_user = mysqli_fetch_assoc($result);
if ($logged_in_user['type'] == 'admin') {
$_SESSION['loggedin'] = true;
$_SESSION['Username'] = $username;
$_SESSION['id'] = $id;
header('location: admin.php');
}
else{
$_SESSION['loggedin'] = true;
$_SESSION['Username'] = $username;
header('location: index.php');
}
}
}
}
两个页面都应该在代码顶部有session_start()
例如index.php
<?php
session_start();
server.php
<?php
session_start();
等等
另一件事外观。首选使用PDO而不是mysqli_进行数据库访问